While we have all sorts of technologies to protect computer systems and data, cyber-attacks are still rampant today. The latest addition to the list is the global ransomware attack by WannaCry, or WanaCrypt0r 2.0, which has hit around 100 countries within a timeframe of 48 hours.
The attack has not only hit hospitals, telecommunications, rail systems and courier services but has also affected individual systems and organizations.
What is WannaCry?
WannaCry is being considered the major reason behind the attack. Also known as WanaCrypt or Wcry, it is a type of ransomware that encrypts files on the host’s system with the intention of extorting money.
Using an exploit stolen from the USA’s NSA (National Security Agency), the attack gave the affected institutions a tough time. Ransomware such as Wcry finds its way into users’ systems through emails and SMB ports.
Once the files on the system are encrypted, the user is deprived of access to his/her own files and shown a note that states, “Your files are encrypted” and “To get the key to decrypt files, you have to pay 500 USD.”
This is not the only case. Hollywood Presbyterian Medical Center was also struck by a ransomware attack. According to Wired magazine, the entire computer system of the hospital was infected by a ransomware virus known as Locky. As the name suggests, it locks the user out and denies decryption unless a ransom demand is fulfilled.
The IBM X-Force researchers, who were continuously tracking the trends behind such attacks, noted that ransomware spam grew 6000% in 2016, from 0.6% of spam emails in 2015 to an average of 40% of spam emails in 2016. This situation is only going to worsen in 2017.
How these victims survived the attacks, and what solutions they found, will be discussed in the later sections of this write-up. Before we suggest some solutions, it’s important that you understand what ransomware is and how it affects your computer system.
What is Ransomware?
According to Kaspersky, “Ransomware is a type of malware that severely restricts access to a computer, device or file until a ransom is paid by the user.”
The present era is witnessing a rise in internet users and, along with it, a rise in cybercriminals who want to make illegal money out of this burgeoning market. Ransomware attacks are carried out with the sole aim of making money. Attackers sabotage your personal files and computers and deny access until you pay the ransom, which they usually demand in bitcoins.
The horrible state of inaccessible files and computer systems makes ransomware one of the most dangerous kinds of malware of our time. The market has witnessed two common types:
- Encrypting Ransomware: This particular malware encrypts the user files, networks and data, and demands a decryption price or ransom, mostly in bitcoin. CryptoLocker, Locky and CryptoWall are some of its examples.
- Locker Ransomware: Infection by this ransomware will deny you access to the computer system. It will lock you out and demand a ransom if you want to regain access. Common examples include “police-themed” ransomware and Winlocker.
While both types aim to deny access to something that you want, crypto-ransomware, or encrypting ransomware, is particularly harmful. How?
Locker ransomware simply locks the user interface, which stops you from accessing the system. It will not allow you to log into the system. In some cases, even the mouse and some of the keyboard functions are disabled. As the attack is on the user interface, chances are that the underlying system is safe, and hence the malware can be cleaned easily.
In the case of crypto ransomware, the condition is worse. The files and data are locked or encrypted in such a way that it may result in absolute data loss. The data affected varies from person to person. For some, it may be a lost family album, while for a professional, it may be the loss of an important financial report. Anything can be encrypted, be it a document, video, audio file or image. Thus, crypto ransomware directly hits your valuable data.
So, what are the possibilities to protect your system from a ransomware attack? Or how do you deal with CryptoLocker?
How to protect your computer system from a ransomware attack?
Ransomware is definitely a serious threat to your computer system. Hence, precaution is always better than cure. If you are able to stop the virus from entering your PC, then you can rest assured of your data. But for that, you should know how you can fall victim to a ransomware attack:
- Suspicious and spam emails are the secret paths for these intruders. You may receive malicious emails prompting you to download an attachment. It may sound like “You have won the lucky draw, open attachment to claim your money.” Unknown email IDs and very similar-looking brand names can mislead you into downloading the wrong attachment and getting malware installed on your system.
- USB drives that are already infected with the virus. When you use your drives on multiple devices, most commonly on public computers, you might unknowingly invite viruses.
- Some viruses get installed while you are downloading third party software or exchanging files on a network.
- Following any link leading to a compromised or hacked website can also let the malware into your system, as can malware that is already present on your system.
Now that we know where this malware can enter your computer system from, let’s have a look at the preventive measures.
Secure your email
Email protection against intrusive, malicious or unrecognized mail IDs can prove to be a great defence against the malware. Taking email hosting from a trusted provider like ZNetLive gives you filtered access to your email and protection from intruders. The email service should also provide protection against spam. Also, you should not:
- Open any suspicious or unrecognized email.
- Open links in a suspicious mail.
- Download attachments from unrecognized sources.
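The “very similar-looking brand names” mentioned earlier can be caught mechanically by comparing a sender's domain against the brands a mailbox expects mail from. The following is an added example, not part of the original article; the `TRUSTED_DOMAINS` list, the character-swap table and the sample headers are constructed assumptions.

```python
import unicodedata
from email.utils import parseaddr

# Assumption: the sender domains this mailbox expects mail from.
TRUSTED_DOMAINS = {"paypal.com", "microsoft.com"}
# Constructed table of common character swaps used in look-alike names.
SWAPS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

def skeleton(domain):
    """Fold a domain for comparison: drop accents, undo digit and 'rn'/'vv' swaps."""
    text = unicodedata.normalize("NFKD", domain.lower())
    text = "".join(c for c in text if not unicodedata.combining(c))
    return text.translate(SWAPS).replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Levenshtein distance computed with two rolling rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header):
    """Return (verdict, brand) for the value of a From: header."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("unparseable", None)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    for brand in sorted(TRUSTED_DOMAINS):
        if domain == brand or domain.endswith("." + brand):
            return ("trusted", brand)
    for brand in sorted(TRUSTED_DOMAINS):
        name = brand.split(".")[0]
        if skeleton(domain) == skeleton(brand) or edit_distance(domain, brand) <= 1:
            return ("lookalike", brand)      # e.g. paypa1.com, rnicrosoft.com
        if name in domain.split("."):
            return ("lookalike", brand)      # brand used as a label elsewhere
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed From: headers, not taken from real mail.
    for header in ["PayPal Support <service@paypa1.com>",
                   "billing@rnicrosoft.com",
                   "alerts@paypal.com.account-verify.example",
                   "news@mail.microsoft.com",
                   "friend@example.org"]:
        print(f"{header!r:50} -> {classify_sender(header)}")
```

A "lookalike" verdict is a reason to quarantine the message or warn the reader before any attachment is opened; "unknown" only means the domain resembles none of the listed brands.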
Protect your browser
Protecting your browser can also help. Always keep your system software and browser version updated. A small loophole in software might cost you your system. You can also install good-quality antivirus software that may block pop-ups and warn you before you open infected websites.
Back up your data
We know you will leave no stone unturned in order to protect your data. Even so, the best practice is to regularly create a backup of your data. Creating a backup in the cloud would be the best. Cloud backup services save and protect your data and make it available if any disaster strikes.
Make yourself and the people around you aware
Ransomware is not a new kind of malware; the first cases were found in Russia in the year 2005. At that time, there were fewer victims. Gradually, however, cybercriminals started using it as an effective weapon for money extortion. Hence, everyone near you, whether a personal home computer user or an office colleague, should know about this malware and take every possible step to protect the system.
How to get rid of the Ransomware malware?
Ransomware is a gruesome problem that needs to be tackled and dealt with properly. The FBI and other international law enforcement bodies have been issuing warnings against such threats and their rising numbers.
With cryptocurrencies like Bitcoin, the attacks have become more severe, as the attackers have now found a way to extort money anonymously. The FBI even estimated that ransomware is on pace to become a $1 billion source of earnings for cybercriminals by the end of 2016, and the number is expected to grow in 2017.
Paying the ransom is not the end option, as there is no guarantee that you will get the system or files back. Here are some tips to help you rescue your system from a ransomware attack.
- Try running the system under Windows safe run and using other Microsoft ransomware removal tools.
- Try system restore, by pressing the F8 key on your keyboard.
- Install and run bootable scanners like Avast, AVG, Norton or Kaspersky.
- Make sure you keep Windows firewall updated and always on and keep file history enabled.
The means of recovery depend upon the severity of the ransomware attack. The more you are aware of the software, the better you can protect your system. We here at ZNetLive take every possible measure to provide server and website level security to improve your hosting experience.
Through this write-up, we want to make you aware so that your data, files and computer system are always protected.
If you have any doubts or queries regarding ransomware, feel free to drop them in the comments section below, and we will be happy to assist you.