Ransomware are malicious programs that block access to your device until you pay a ransom fee to its creator. It is often very difficult and expensive to remove.

What is Ransomware?

Ransomware locks and encrypts your files and programs on your computer and demands a ransom for their release. The fee to unlock your device is usually several hundreds of rands.

What Does Ransomware Do?

Basic ransomware will lock your device so you can’t access your files and programs.

More advanced ransomware will encrypt your files completely. You’ll need a special key to decrypt them, which is what the ransomware creator “sells” to you when you pay the ransom.

How Does Ransomware Spread?

The most common mode of infection is via spam messages. Victims are tricked into opening an infected email attachment which downloads the ransomware onto their computer. In may cases, these emails appear to be from friends, colleagues, or family members.

Ransomware can also target your device through file sharing and malicious websites.

How Can Ransomware Hurt Me?

Ransomware extorts money from its victims. You are faced with the choice of paying the ransom or losing your files and programs. So you have to evaluate how much the information in your files is worth. Ransomware is especially vicious when a home computer is infected and sentimental items such as family photos are lost. One case that I had to deal with involved a friend who was recently widowed. Her computer was infected with ransomware and she lost access to all her later husband’s photos and documents.

3 Ransomware Myths and Facts

  1. Myth: If you pay the ransom, you’ll get your data back.
    Fact: According to CyberEdge, over half of ransomware victims who paid the ransom never regained access to their files. If you ever fall victim to a ransomware attack, it is better to seek further help and to not pay the ransom.
  2. Myth: Ransomware only attacks businesses, and not individuals.
    Fact: Ransomware does not discriminate. Both business networks and individuals can fall victim to ransomware attacks, and in the case of individuals or home users its effect can be a lot more devastating.
  3. Myth: Backups will always restore your data.
    Fact: Although we strongly recommend regular backups, it may not help if your data is being held to ransom. Many ransomware programs can gain access to your backups as well if they are based on a hard drive connected to the computer. Often, if you manage to restore your data, you risk re-installing the ransomware, as well.

How to Deal with Ransomware

Although there are a few steps you can take to regain control of your device after a ransomware infection, the best cure is prevention. Always make sure that your files backed up in multiple places so you can restore them if you need to.

If your device is infected with ransomware, you will need some technical know-how to restore it. If you’re not confident with computers, it may be a good idea to disconnect your device and take it to a trusted repairer instead.

You should never pay the ransom fee. You have less than a 50% chance of getting your files back, and it helps to finance this nefarious cybercrime.

Do not unlock or recover any files without reinstalling your operating system first. If you do, traces of malware might still be left on your computer.

  1. Disconnect your computer from other devices and from your network. This will stop the ransomware spreading to other devices.
  2. Take a photo of your screen so you can file a police report.
  3. If your backup drive wasn’t connected when the infection hit, plug it into another device to make sure your backup is valid. If ransomware has also attacked your backup, it could spread to other devices.
  4. If your back up is clean, you can reinstall your operating system, or reset your device to its factory settings.
  5. Once you have reinstalled your operating system, run an antivirus scan to ensure your device is free of ransomware. You can then restore your backup.

If your backup is in cloud-based storage, like Google Drive: complete all of the above steps, checking that your Google Drive files haven’t been infected either.

How Can I Stay Safe Online?

Use a VPN

VPNs are powerful tools that boost your online security. VPNs allow you to access the internet anonymously and protect your internet traffic from hackers, trackers, and spies.

Some VPNs offer built-in malware blockers. This stops malware before it can infect your device.

Currently two best VPNs for protecting your computer from malware are NordVPN and ExpressVPN. (Personally I use NordVPN)

Use an Ad Blocker

Malware creators run ads on reputable websites that can install malware on your device. Ad blockers prevent these ads from running, so they can’t infect your computer.

Install Antivirus Software

Antivirus software is a must-have on any device, including phones and tablets. It scans your device for malicious files and quarantines or deletes them to protect your data.

Antivirus software can remove most malware programs before they damage your device, but you must keep it up-to-date so it can recognize the latest threats.

...NEXT TIME: Phishing schemes that target academics.