Ransomware looked like it was on the decline in 2022, but a recent report by Chainalysis showed a significant rebound in 2023 — so much so that it was the most profitable year for ransomware seen so far.
You really don’t want to be a ransomware victim. Don’t know what ransomware is or why you should care? Here’s everything you need to know to stay safe and avoid ransomware troubles.
Further reading: How to prevent (or survive) a ransomware attack
What is ransomware?
Ransomware is a type of malware that encrypts critical files on your device or otherwise blocks access to critical components, then forces you to pay a ransom to regain access to the encrypted files.
The algorithms used in ransomware attacks are strong, so it’s unlikely you’ll be able to break the encryption on your own.
Once your files are locked, the ransomware will prompt you to send payment if you want your files freed. Usually the payment is demanded in the form of cryptocurrency like Bitcoin, which makes it harder to track down the attackers via paper trail.
Check out our top pick for antivirus software
Who’s at risk of ransomware attacks?
Technically, everyone is at risk of ransomware attacks. There are many different strains of ransomware, though, and each one targets a different type of victim, from individuals to entire companies.
In recent years, cybercriminals have mainly focused on attacking governments, businesses, and organizations because they tend to have the most valuable data and are the most willing (and able) to make ransom payments to recover that data.
Does that mean you don’t have to worry? Not quite. There are still active ransomware strains out there that seek to infect any and all devices, which means any device of yours that’s connected to the internet is at risk — yes, including mobile devices!
How much does ransomware cost?
Depending on the ransomware strain, the actual ransom can range anywhere from a few hundred dollars to over a million dollars.
For example, the Leex ransomware demands $490 within 72 hours of infection. If you wait longer than that, the ransom doubles to $980. This is on the lower end of the ransomware spectrum.
And then you have stories like the Colonial Pipeline ransomware attack, where the company paid a ransom of $5 million one day after their IT network was hacked by foreign cybercriminals.
In Q3 2023, the average ransomware payment in the United States was $850,700 according to Statista. Meanwhile, in 2023, the average cost of a data breach caused by a ransomware attack was $5.13 million according to IBM’s Cost of a Data Breach 2023 Report.
JLStock / Shutterstock.com
JLStock / Shutterstock.com
JLStock / Shutterstock.com
How do I get infected by ransomware?
Ransomware infections can happen in many ways, but here are some of the most common attack vectors for individuals:
Phishing. Cybercriminals send out emails with malicious attachments, hoping you’ll download and open them. When you do, the ransomware activates and infects your system. These emails usually convey a sense of urgency so you’ll panic and act before thinking.
But it’s not just emails. Phishing can also happen through SMS or messaging apps. You may receive a text message pretending to be from a reputable company, asking you to click a link for some urgent reason (e.g., win a prize, confirm details, avoid a ban, etc.). But when you click it, you unknowingly download ransomware to your device.
Shady downloads. Any time you download software on the web, you have to be 100% sure that you trust the source. Lots of shady sites pretend to offer free downloads for popular premium software, but they end up serving you malware instead — including ransomware.
Security vulnerabilities. If you have out-of-date software or systems that have fallen behind on security patches, attackers may be able to exploit vulnerabilities to gain access to your device and plant ransomware.
Similarly, attackers could gain control of your device through things like Microsoft’s Remote Desktop Protocol (RDP). If your RDP credentials are weak, attackers could gain access via brute-force; if your RDP credentials are leaked, they could acquire them and gain access that way. Then, once they have access, they can plant ransomware.
Further reading: Must-know PC security tips
What are the signs of a ransomware infection?
Your security software is turned off. Some ransomware can detect that you have security software installed and disable it to avoid being caught. If you notice that your security software is suddenly off for some reason, it’s worth looking into.
Your device is hot, laggy, or noisy. Lots of ransomware will first scan your device for files, then encrypt them. The encryption process can be resource-intensive, resulting in system slowdowns, battery drain, high CPU temps, laggy applications, and loud fans. If you notice these signs out of the blue, check for malware.
Your files have weird extensions. When ransomware encrypts a file, it may tack on a different extension to the filename. For example, the STOP ransomware adds the “.STOP” extension to encrypted files, turning “image.jpg” into “image.jpg.STOP” and so on.
Other examples of ransomware that change file extensions include Djvu, Leex, Mercury, and Shadow.
You can’t access files you normally could. If you have documents, images, or other files that should be accessible but aren’t anymore for some reason, they may have been encrypted by ransomware — even if their file extensions haven’t changed.
Similarly, if you find that certain files have gone missing and you’re absolutely positive that you didn’t delete them, it’s possible that they’ve been taken captive by ransomware.
You see a ransom note. The most unmistakable sign of a ransomware infection is that you find a strange new text file on your desktop with a filename like “DECRYPT_INSTRUCTIONS.txt” or “How_to_Recover_Files.txt” or similar. Within that text file you’ll likely find ransom payment instructions.
Alternatively, you may see a pop-up message with ransom details or you may get locked out of your system and see ransom instructions.
Autentifică-te pentru a adăuga comentarii
Alte posturi din acest grup
Anker remains one of our preferred sources of power banks, USB-C hubs
Stop us if you’ve heard this before: Microsoft encourages you not to
Who needs a smart home hub you can snag cheap Wi-Fi smart bulbs that
If there’s one thing you absolutely need every day, it’s a fast charg
