- Ransomware is a kind of malware that can lock you out of all of the files on your computer unless you agree to pay a ransom fee.
- If you’re infected with ransomware, you should avoid paying the fee, and instead “roll back” your computer to a point before you had the virus.
- The best way to avoid being damaged by viruses like ransomware is to backup your files often, and keep your anti-virus software and computer updated.
- Visit Business Insider’s Tech Reference library for more stories.
While all malware is bad, ransomware is especially insidious â€” once it infects a computer, it’s usually designed to encrypt all the files until a ransom fee is paid.
The only thing you’ll be able to do with an infected computer is read the ransomware payment instructions and submit payment. Most of the time, the payment needs to be made in the form of bitcoin, and after payment is made, you’ll be given a decryption key.
Ransomware can hit both Macs and PCs, but the overwhelming majority of them are made for Windows PCs.
How ransomware works
A ransomware infection appears like most other kinds of malware. Generally, you’ll get ransomware by opening an infected file that comes through an email or website.
Ransomware can be part of a phishing scheme; for example, you might get an email asking you to verify an invoice or pay a bill, but the attached file is actually the ransomware payload.
Once infected, the ransomware moves quickly to encrypt your files and lock you out of tools that can be used to stop the attack. Depending upon the ransomware variant, it might also delete or encrypt files stored on your external hard drives, network devices, or connected cloud services (OneDrive, Dropbox, etc.). Then you’ll be told to pay a certain amount of money, usually within a few days, or you’ll lose your files.
What to do if you get ransomware
If you’re infected by ransomware, most security experts recommend not paying the ransom. Not only does paying it embolden and encourage ransomware criminals, but there’s no guarantee you’ll get the decryption code â€” or that it will work properly.
Instead of paying the ransom, proactively protect your computer before you’re infected. This means making sure that all your important data is backed up.
The safest way to backup your data is with an external hard drive, using backup software that uses versioning. Versioning ensures that each backup of your PC is treated as a separate version, so if you happen to back up an infected file, you can “roll back” to an older version that’s not yet been infected.
And don’t leave the drive permanently connected to the computer; when the backup is complete, disconnect it so malware can’t infect it.
In addition, there are tools at your disposal to fight ransomware even after an attack. No More Ransom and ID Ransomware, for example, are no-cost services you can use to try to decrypt an infected computer. Both tools have an ever-growing database of ransomware that can help you.
How to avoid ransomware
Ransomware is just another kind of malware, so the same tips to avoid viruses apply here as well.
- Use anti-malware software, and in particular consider protecting yourself with anti-ransomware software. Some popular anti-ransomware tools include Acronis Ransomware Protection,Check Point ZoneAlarm Anti-Ransomware, and Malwarebytes Anti-Ransomware Beta.
- Keep your Windows or Mac computer up to date with the latest patches and security updates. The famous WannaCry ransomware hack spread quickest among older Windows computers that hadn’t installed any new updates in years.
- Never click any links you don’t completely trust. This is age-old advice; don’t open emails and attachments unless you trust the source, and don’t visit or click links on dicey websites. Try to keep to credible and legitimate sources for downloading software, both on your computer and mobile devices.