How Does Ransomware Get on Your Computer?September 24, 2020 | By Comodo
Ransomware remains one of the biggest security challenges on the World Wide Web. It is also one of the biggest and most common forms of cybercrime that many global organizations face today. Ransomware encrypts documents and files on PCs and even entire networks and servers.
Victims of Ransomware attacks are often left with very few choices: they can pay a ransom to the malicious actors behind the attack to regain access to their encrypted PC or network or restore their files and documents from backups.
How Does Ransomware Get on your Computer?
Ransomware can get on your computer in several ways. But the most common of them all is via the spread of malicious email. Malicious emails carry malicious attachments and scripts which are sent to many individuals. And if any of them receives and opens the email, their PCs or network will be infected with malicious code.
The second most common method that ransomware gets on PCs is via the use of social engineering. This involves the persuasion of someone reading an email or a post on an infected website to click a link that looks legitimate. Cybercriminals make use of government entities to pretend and demand huge ransoms while violating cyber law. They scare the victim and force them to make payment using fear tactics.
Malvertising is another method that criminals use to infect internet user’s devices with malware. It involves making bogus ads on the internet, and via these ads, a malicious script is subtly transferred to the victim’s computer. The process keeps repeating itself until the infection is transmitted to other clean networks and computers.
What are the Possible Repercussions of Ransomware?
Ransomware attacks target individuals and organizations. The negative consequences or impact that occurs as a result of ransomware attacks include:
- Complete disruption of regular or consistent operations
- Temporary or even permanent loss of proprietary information or sensitive data
- Potential harm to the reputation of an organization
- Massive financial losses incurred to restore files and systems
Moreover, paying the ransom is not an ultimate guarantee that the encrypted files will be restored or released. The only guarantee is that the malicious attacker receives the money, usually in virtual currencies, along with the victim’s banking information in some cases. The latter further enhances the victim’s vulnerability as their bank accounts could be hacked.
Decrypting infection is not an indication that the malware infection itself has been deleted or removed. It could be lurking somewhere on the hard drive and initiated at the behest of the malicious actor at a later date.
Signs that your System Has Been Infected with Ransomware
Your desktop or web browser will be locked with a message about how to unlock your system or pay the ransom demanded. Your file directories may contain a ‘ransom note’ file that comes in a .txt file.
Every one of your files will bear new file extensions appended to their filenames. Examples of ransomware file extensions include: .CTBL, .XRNT, .XTBL, .HA3, .zzz, .xyz, .ccc, .aaa, .vvv, .xxx, .ttt, .micro, .encrypted, .r5a, .magic, .bleep, .LOL!, .OMG!, .good, and so on.
What Can You Do to Protect Against Ransomware?
So, what can you do to protect your PC or systems from getting infected with ransomware? Here are a few tips to keep in mind, which will significantly minimize your chances of getting infected with the malware:
- Create a data-backup-and-recovery plan for all sensitive information.
- Conduct and test backups consistently to severely limit the impact of system or data loss as well as to speed up the recovery process.
- All operating systems and software must be up-to-date with the most recent patches. Ignoring this step will make your applications and operating systems vulnerable to malware attack. By patching your apps and operating systems with the latest updates, the number of exploitable entry points is significantly minimized or reduced.
- Network-connected backups have been proven to be susceptible to Ransomware attacks. Therefore, ensure all crucial backups are isolated from the entire network for optimum protection.
- Ensure your anti-virus is always up-to-date. Thoroughly scan software downloaded from the Web before you run them.
- Do everything in your power to not enable macros sent via email attachments. If you open an attachment and enable macros, you have made your PC or applications vulnerable to a ransomware attack. This is because the embedded code that comes with the attachment will trigger or activate the malware on your PC or network.
- Use advanced security systems to block advanced threats.
Despite the prevalence of Ransomware attacks these days, you can prevent the malware from getting on your computer by following the tips discussed in this article. Ensure you have dependable security software and a regular backup in place.