Wednesday What-Is - 02 - Ransomware

 Ransomware

Welcome back to the Wednesday What-Is, a (hopefully) once-weekly blog post where I break down cyber security concepts so that (hopefully) anyone can understand them.

This week's topic is ransomware.

To start with, here's a quick dictionary definition:

Ransomware

: A type of malicious software designed to block access to a computer system until a sum of money is paid

This sums up the gist of what ransomware does, it plays a similar role as a regular ransom might. It is a piece of software that holds either your files, data, or even your entire computer hostage! Scary stuff.

As users of computers, we of course have our files, our data, and things on our computer that we regularly use and need to interact with to get on with our daily lives. Maybe you have art projects that you work on digitally, or perhaps you like to work out finances using spreadsheets. Whatever you use a computer for, you will agree that your data is important to you, and it is important that you have access to it at all times.

Ransomware, as described, prevents you from accessing these files, or even your computer alltogether in some cases.

The way this works is, first, a file or some other such piece of data containing the ransomware's code, ends up on your computer. This could also happen in a number of ways, such as from a dodgy website that you didn't mean to click on, or even from a phishing email.

In any case, somehow, the ransomware has made its way on to your computer. Oftentimes this software will be set up so that it automatically runs when it is downloaded on to your machine. If this is not the case, a curious attempt to run such a program will lead to the same outcome.

So, the ransomware has run its course, what has it done? Well, usually at this point, the following is happening or has happened:

1. Your files are encrypted, that is to say 'locked with a password', and you cannot access them OR you are locked out of your computer and you cannot gain entry to it.
2. The person who created the ransomware has the key/password which will let you have access back to your data/computer.
3. The ransomware is telling you that you can have this key back if you pay the creator a sum of money

This obviously isn't a situation anyone wants to find themselves in- ransoms are quite frightening.

Sometimes criminals who create and use ransomware will damage or delete your files while you are prevented from accessing them, even if you pay the ransom, or they may not even give you back the access to whatever they were ransoming!

One instance of this type of malicious software making headlines that you may have already heard of is the 2017 WannaCry NHS attack,  when the NHS was locked out of many critical hospital systems by a ransomware attack, devastating the organisation, and causing vast amounts of harm.

As this situation is very difficult to get out of unscathed, it is much easier and much more productive to focus on not getting struck by these ransoms in the first place. Here are some tips to help you avoid running into this nasty type of software:

1. Make sure that you have some form of anti-virus software on your computer, it will help by detecting and stopping these malicious programs before they can lock you out of your files, perhaps even before they even get onto your computer.
2. Keep your computer updated with the latest patches. Ransomware isn't able to just 'take over' any computer willy-nilly, it is often only able to successfully do so to older machines. If your machine has Windows on it, make sure you're using the latest version of it.
3. Avoid clicking on links and downloading files from sources you are suspicious of or aren't sure of. If in doubt, consult someone you trust or know to be knowledgeable in IT before attempting to proceed.

Fortunately, businesses and organisations are more likely to be actively targeted by ransomware than an everyday user, as they are likely to have much more money to extort. If you are careful online and stick to trustworthy websites, you will likely avoid ever encountering such malicious software.

Thanks for reading this week's Wednesday What-Is!

Whew, another post done. This is a nice surprise I suppose! I wasn't expecting to actually successfully post again so soon, but I suppose finding a free evening on the lead up to Wednesday each week isn't so hard, it's a nice activity and keeps my security-brain sharp. Hope you enjoyed!

- Ollie -