Ransomware is a malicious program that locks down a user to gain access to their information/data by locking the hard disk. The locking mechanism typically works by encrypting the disk with a private key, which only the attacker has access to.
The attacker’s first step is to get the system infected by the malware, second is to encrypt data to restrict user access and third and final is to demand a ransom to remove the restriction.
The scheme has worked really well lately and we’ve seen a significant growth during 2016. The targets are not only private users, but also companies and even hospitals.
As recently as February 5th, Medical Canter in Los Angeles paid $17,000 in bitcoins to regain access to data. The number of threats is growing and this time Apple users have also been affected.
From what I have read and heard, ransomware is a very sophisticated attack and yet very easy to execute since there are crimeware services that provide attackers with a platform. It can be enough for an attacker to provide the email addresses they want to target and then sit back and wait for the money to arrive.
What can be done? How do we protect ourselves?
Be smart and wise, avoid suspicious emails and adware, update your antivirus and make sure that your antivirus software provides security against ransomware, do not use untrusted software and ALWAYS ALWAYS make a backup.