What Is Ransomware?
Ransomware is a type of vicious malware that takes your computer and files captive by locking you out of being able to open or control them, until a sum of money or "ransom" is paid to the hackers. A ransomware attack can occur to a desktop, laptop, tablet, and/or cell phone. These types of attacks cause massive losses of time, loss or corruption of data/files/information, theft of intellectual property, and even a complete wipe of everything on the entire network.

Ransomware is not one strain of malware, rather it comes in many different forms and each one is specific to attack certain items on the device or network. There are some strains of ransomware that are designed to attack PCs and others that are designed to go after Macs. Some attack the devices themselves and simply encrypt everything on that one device, while others are designed to encrypt everything on an entire network. This highly sophisticated process is so devastating, because there is virtually no way to decrypt the attack without paying the ransom.
FAQ About Ransomware
How Can I Be Infected with Ransomware?
Since it's introduction as a professional hacking tool in 2005, ransomware has been deemed one of the most crippling and dangerous types of attack that a company could encounter. Understanding that the encryption is virtually impossible to decode or penetrate without paying the ransom, you, as a user need to be accurately informed of how ransomware can end up on your device and how to avoid being compromised.
Email The most common route for someone to infect your computer or network with a Ransomware attack would be through email. Whether it is in an attachment or link sent in the body of the message, ransomware simply needs to be opened for it to be activated on your end. If you receive an email that has a link or attachment that urges you to open it, or the sender is not someone that you recognize, do not click on the link/attachment. You don't even have to download the attachment for it to work. Simply opening will enact the virus and cause it to attack.
Websites Another major avenue for ransomware is the use of "unauthorized" websites that are either outdated or make you run an unknown or unprotected third-party application. This method is a bit more tricky as it is tough to validate which apps are safe and which are not. If you do not know if an application is safe, complete a quick Google search to see what other users are saying. You also want to make sure that there have been a lot of downloads of that application with a high rating. Hackers will exploit known vulnerabilities in the software that will allow them to bug the entire website.
Free Software One of the most known, yet still effective manners in which ransomware is projected onto your device is through the use of free software or free online services that would normally have to be paid for. Some examples of this would include online free games, game "mods", adult entertainment, screensavers, and websites that claim how to cheat in a game or get around the paywall of another website. As mentioned previously, make sure that you are not clicking on or downloading any software that you do not know of or trust.
Why Is Ransomware So Effective?
Ransomware is the most current and effective form of cyber-crime, as the perpetrators who choose to utilize this tool for their own personal gain have also turned into a business. On the "dark web" these cyber-criminals have made an entire, self-sustaining industry on the workings of ransomware. Because of the shared responsibility to keep this type of attack running, cyber-crime has seen a drastic jump in activity as well as a never-before-seen rate of usefulness. Cyber-criminals now have the ability to implement the program of their choice and send it out to tens of thousands of people in a single sitting. All of the tools that are needed to get something like this up and running are for sale, virtually allowing anyone who has basic knowledge to portray the skill set of a high-level engineer.
There are areas of specialization that allow for small economies to be grown on the back of this cyber-crime. These criminals have started working together to make sure that each one has the proper tools to get the job done right and efficiently. One example of this would be that malware can be registered as a software and receive tech support to make sure it is running at peak levels of speed and accuracy. This has made it exceedingly difficult to track down the perpetrators, let alone the issues of jurisdiction, making it nearly impossible to stop.
We are clearly in for the fight of our lives when it comes to protecting our most precious information from falling victim to this heinous act of violence. We need to make sure we are on top of our game just as these miscreants have over the past decade.
What Strain of Ransomware Do I Have?
Thanks to our friends at ID Ransomware you can submit an infected file, along with the ransom note, through their process and they will be able to tell you exactly what type of ransomware that you have encountered. Once they identify the strain of ransomware that you have been affected with, if possible, they will provide you with a step-by-step process to download for decrypting the virus allowing you to recover your files and/or the shared network. It's a good idea to know which strain that you have been impacted by, because there isn't one decryption that fights all of the types out there.
Why Do I Pay With Bitcoin?
When you are affected by a ransomware attack, you are more than likely going to be instructed to pay the ransom using Bitcoin. The reason for this payment method, is that Bitcoin is an untraceable currency that us transferred from user to user without the use of a centralized authority. This means that banks and government agencies are no longer involved in the transaction process. Although the transactions are completely open to the public, the people who are using the service can stay completely anonymous.
There have been other, rare, instances in which the perpetrators have asked for payment in the form of Amazon or iTunes gift cards.
If I Pay the Ransom, Is the Ransomware Gone?
It is important to note that when you pay the ransom that is demanded by the malware virus, it will unlock you device/network/files, however the malware is still present and can attack at any point in time, again. Usually, within the malware there is other harmful software that can stick around and be used to steal payment information, passwords, and other type of vital information.
Where Can I Report Ransomware?
If you are infected with Ransomware, you should always report it to the FBI's Internet Crime Complaint Center (IC3). Make sure that you include any and all information that was disseminated by the attacker, the infectious email with header, and Bitcoin address (if possible).
Where Can I Get Security Awareness Training for Ransomware?
One of the most valuable things that you and the rest of your company can do to combat Ransomware is to go through Security Awareness Training. This training will provide you insightful information on how to recognize emails that could be potentially harmful. We will also take the time to show you exactly what a ransomware attack looks like, in real-life. We also provide a mock trial to certify that all users understand how to recognize these attacks.
Ransomware Prevention
The best way to make sure that your company is protected from a Ransomware attack, is to take a layered approach to security, rather than having just one solution.

1. Security Awareness Training
The only way to know what you are looking for, when it comes to malware infections, is for you to see it first-hand. Understanding what the most up-to-date cyber criminals are doing to you is the best way to counteract the ransomware attacks. When you take our Security Awareness Training course, you will have hands-on experience of identifying and dealing with a mock ransomware attack.
2. Internet Security Products
There are many different products on the market for you to purchase in an effort to protect your computer and company
network. However, these products are not 100% reliable as the cyber attackers are constantly testing their malicious software against the weaknesses of these products, in an effort to circumvent the sole reason of having them in the first place.
3. Antivirus Software
This implementation of AntiVirus is a recommended first step in trying to secure your devices and network from malicious cyber attacks. The one item to note with these, is that you will want multiple antivirus software that will work with each other and create a layered defense, rather than having just one.
The list of antivirus products below was proven the most effective at preventing malware:
- Avira Antivirus Pro 2015
- Kaspersky Internet Security 2015
- Bitdefender Internet Security 2015
- Norton Security 2014 & 2015
- Trend Micro Internet Security 2015
4. AntiMalware Software
The use and implementation of AntiMalware software is incumbent upon the user, alongside the use of the aforementioned AntiVirus software.
5. Whitelisting Software
The use of whitelisting software allows only software that you approve or is known to the software to run or execute on your system, while all other applications are prevented from running or executing.
6. Backup Solutions
One of the most stressed solutions for protecting yourself against an attack of any kind, is to have a backup plan in case the original plan fails you. In this case, that would be the implementations of backup solutions where you can have your files and information automatically backed up to a cloud. On top of the cloud backup, we also recommend the use of an external hard drive.

