Ransomware Explained

Ransomware Defined

The word “ransomware” is a portmanteau of the words “ransom” and “malware.” (Of course, “malware” is a portmanteau of the words “malicious” and “software.”) In simple terms, ransomware is malicious software that takes over a computer or a network of computers and encrypts the files. Ransomware may also steal files. The victim is then offered a “key” to decrypt their files and get back in operation. If files were stolen, the victim may be blackmailed into paying to get them back and keep them from being released. Of course, the “key” is not free. Scammers may want hundreds, thousands, or even millions of dollars to unlock the files.

The Ransomware Target Has Changed

In the very early days of ransomware, hackers targeted people like you and me. The average computer user is a pretty easy target, generally speaking. Some of us will click on any attachments sent in email without thinking! Additionally, many users had adopted the “I’m not doing updates because there’s nothing wrong” attitude. This type of thinking left home and small business computer users as soft targets.

Even though home users are usually easier to hack, very few of us are going to pay $5 million like Colonial Pipeline did. Hackers/scammers aren’t dummies. They soon realized that the potential for hauling in big bucks centered on big companies and not the average home user. However, security at large companies has gotten much better, so scammers are headed back to home users again. Whatever relief we had from worrying about ransomware is over.

What Allows Ransomware Infections?

Analysis of ransomware attacks after the fact shows that companies and home users become victims for the same reasons:

  • Operating System and App updates are not installed as soon as they become available.
  • Anti-virus/anti-malware protection is allowed to expire or fall behind on updates.
  • Separate off-site backups are not kept, not kept up-to-date, or never checked to see if they are actually working.
  • Computer users are not properly trained regarding email attachments, SMS text messages, Social Media attacks, and malicious links – both email and website. As a result, users often click or tap links that should not be clicked or tapped.
  • Computers with defunct operating systems are allowed online. (See HERE.)
  • Passwords are insecure or stored as text files on a machine.
  • Two-factor authentication is not used.
  • The same password is used over multiple sites.

Some Final Notes About Ransomware

  1. The FBI and Homeland Security tell companies and individuals to NOT pay a ransom. See HERE. (Note the heading “Reporting Information” which appears on the right near the bottom. You may need to scroll down to find it.)
  2. I never recommend external drive backup for a variety of reasons including the fact that files on the backup drive can be encrypted along with your computer files.
  3. Although what these scammers do is discouraging, the computing world and the Internet are here to stay. Instead of packing everything up, get smarter. (You’re on your way because you read this blog!)
