Documents in Portable Document Format (.PDF) require Adobe Acrobat Reader 5.0 or higher to view. Download it now.
FDIC-Insured - Backed by the full faith and credit of the U.S. Government
Enterprise Bank
Online Banking
Enroll Now | Forgot password or PIN?
HomeResources

Ransomware

Ransomware

 

What Is Ransomware??

Did you know? Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.

First, let's talk about Malware: The term malware is a contraction of malicious software. Put simply, malware is any piece of software that was written with the intent of doing harm to data, devices, or to people. Viruses, trojans, spyware, and other similar software are different kinds of malware.

Okay, so now, WHAT IS RANSOMWARE?

Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by encrypting the users' files unless a ransom is paid. More modern ransomware encrypt certain file types on infected systems and force users to pay the ransom through certain online payment methods to get a decryption key.

At its heart, ransomware mimics the age old crime of kidnapping: someone takes something you value, and in order to try to get it back, you have to pay up.

FACT: May 12th saw the biggest ever cyber attack in Internet history. A ransomware named WannaCry stormed through the web. In the first few hours, 200,000 machines were infected. When it was all over, approximately 400,000 machines were infected.

But why target the average user?

  • Because you don't back up your data;
  • Because you have little or no cyber security education, which means you'll click on almost anything;
  • Because you may not have baseline cyber protection in place;
  • Because you don't keep your software up to date;
  • Because you often rely on luck to keep yourself safe online ("It won't happen to me" mentality);
  • Because you still rely exclusively on antivirus to protect your computer from all threats, which is frequently ineffective in spotting and stopping ransomware;
  • Because of the sheer volume of Internet users that can become potential victims (more infected PCS = more money).

Ransomware can be downloaded onto systems when visiting malicious or compromised websites. Some ransomware are known to be delivered as attachments from spammed email or downloaded from malicious pages through malvertisements (malicious advertisements).

Once executed in the computer, ransomware can either (1) lock the computer screen, or (2) encrypt predetermined files. If the ransomware locks the computer screen, a full-screen image or notification is displayed on the infected system's screen, which prevents victims from using their system. This also shows the instructions on how users can pay for the ransom. The second type of ransomware prevents access to files like documents and spreadsheets.



Some key characteristics of Ransomware include:

  • It features unbreakable encryption, which means that you can't decrypt or unlock the files on your own.
  • It has the ability to encrypt all kinds of files, from documents to pictures, videos, audio files and other things you may have on your PC;
  • It can scramble your file names, so you don't know which data was affected.
  • It will display an image or a message that lets you know your data has been encrypted and that you have to pay a specific sum of money to get it back;
  • It requests payment in Bitcoins, a virtual crypto-currency that is difficult to track by cyber security researchers or law enforcements agencies. More recently, the "bad guys" have listed alternative payment options such as iTunes and Amazon gift cards.
  • Usually, the ransom payments have a time-limit, to add another level of psychological constraint to this extortion scheme. Going over the deadline typically means that the ransom will increase, but it can also mean that the data will be destroyed and lost forever.
  • It uses a complex set of evasion techniques to go undetected by traditional antivirus;
  • It can spread to other PCs connected to a local network, creating further damage;

Know that paying the ransom does not guarantee that you will get the decryption key or unlock tool required to regain access to the infected files.



How can I prevent an attack?

  1. Back up your data on an offline hard drive.
  2. Install all Windows updates timely.
  3. Use a reputable security software to prevent attacks in the future.
  4. Use safe browsing techniques; don't visit sites you're not familiar with.