Ransomware – what is it?


Ransomware is a type of malware that stops you from using your computer, and holds your data hostage. Typically, it will do this by encrypting your personal files or locking your computer screen. It may then require you to pay a ransom via a credit card payment, money transfer or cryptocurrency in order to unlock and use your computer.  But even if you pay the ransom, there’s no guarantee it won’t happen again. 


How do people fall victim to ransomware? 
Ransomware can spread in different ways but most of the time it happens when a user clicks on an infected email attachment, link, or visits a hacked website.  A lot of times it also poses as an online advertisement or pop-up window that warns you of some kind of malware on your computer. 


For example, Cryptolocker is a type of ransomware that encrypts personal files and demands payment to release them. This is usually targeted at Windows operating system. Another type of ransomware is SMS ransomware, which has the capability to lock your computer and display a random message. To unlock your computer, you are instructed to send a code via text message to a premium-rate SMS number to receive a corresponding code to unlock it. 


One of the biggest ransomware attacks to date was in May 2017 when a global attack was caused by a ransomware variant called WannaCry. This unique malware had the capability to spread over the network by scanning for vulnerable systems and infecting them, then encrypts files on the system and requests ransom payment in Bitcoin to decrypt the files. It reportedly infected over 230,000 computers in over 150 countries.  


What should I do if it happens to me? 

  • Don’t pay the ransom because there is no guarantee that it will return your computer to a useable state. Instead, try to restore your computer to an earlier state by using “System Restore”. 
  • Report it to your bank and law enforcement. If you paid the ransom with a credit card, your bank may be able to block the transaction and return your money. 


How can I protect myself against ransomware? 

  • Back up your important files regularly, using an external hard drive, online cloud service, USB flash drive or disks. 
  • Use up-to-date antivirus software to protect your computer from getting infected 
  • Always be suspicious of what you click 
  • Never click on email attachments you are not expecting, or links from unknown senders 
  • Think before you click on links and advertisements. If you see a suspicious looking pop-up window warning you that you have been infected, don’t click on it – instead, close the window. 
  • Maintain your computer with up-to-date applications 
  • Don’t install programs from untrusted sources 
  • Treat your smartphone the same way you treat your computer, because they can be just as vulnerable. 


What to do if you’re infected 

  • Disconnect your computer from the internet. 
  • DO NOT pay the ransom. There is no guarantee you will get your files back. 
  • Report to BruCERT by calling 245 8001.