By a NortonLifeLock employee
Article
The idea behind ransomware, a form of malicious software, is simple: Lock and encrypt a victim’s computer or device data, then demand a ransom to restore access.
In many cases, the victim must pay the cybercriminal within a set amount of time or risk losing access forever. And since malware attacks are often deployed by cyberthieves, paying the ransom doesn’t ensure access will be restored.
Ransomware holds your personal files hostage, keeping you from your documents, photos, and financial information. Those files are still on your computer, but the malware has encrypted your device, making the data stored on your computer or mobile device inaccessible.
While the idea behind ransomware may be simple, fighting back when you’re the victim of a malicious ransomware attack can be more complex. And if the attackers don’t give you the decryption key, you may be unable to regain access to your data or device.
Knowing the types of ransomware out there, along with some of the dos and don’ts surrounding these attacks, can go a long way toward helping protect yourself from becoming a victim of ransomware.
Ransomware attacks work by gaining access to your computer or device, and then locking and encrypting the data stored on it. How does this happen? It often happens when victims mistakenly download malware through email attachments or links from unknown sources — which happen to be hackers.
Ransomware prevents you from accessing the files stored on your computer. This malicious software essentially holds your files hostage, which can wreak havoc on an extremely broad scale for larger organizations.
While a ransom is demanded, there’s no guarantee your data will be restored if you pay that ransom. Even if you pay, the attackers may never give you the decryption key. This makes ransomware tricky to navigate.
Ransomware attacks can be deployed in different forms. Some variants may be more harmful than others, but they all have one thing in common: a ransom.
Here are seven common types of ransomware.
This form of ransomware can cause a lot of damage because it encrypts things like your files, folders, and hard-drives.
One of the most familiar examples is the destructive 2017 WannaCry ransomware attack. It targeted thousands of computer systems around the world that were running Windows OS and spread itself within corporate networks globally.
Victims were asked to pay ransom in Bitcoin to retrieve their data.
Locker-ransomware is known for infecting your operating system to completely lock you out of your computer or devices, making it impossible to access any of your files or applications.
This type of ransomware is most often Android-based.
Scareware is fake software that acts like an antivirus or a cleaning tool.
Scareware often claims to have found issues on your computer, demanding money to resolve the problems.
Some types of scareware lock your computer. Others flood your screen with annoying alerts and pop-up messages.
Commonly referred to as leakware or extortionware, doxware threatens to publish your stolen information online if you don’t pay the ransom.
As more people store sensitive files and personal photos on their computers, it’s probably not surprising that some people panic and pay the ransom when their files have been hijacked.
Otherwise known as “Ransomware as a service,” RaaS is a type of malware hosted anonymously by a hacker.
These cybercriminals handle everything from distributing the ransomware and collecting payments to managing decryptors — software that restores data access — in exchange for their cut of the ransom.
Mac operating systems were infiltrated by their first ransomware in 2016.
Known as KeRanger, this malicious software infected Apple user systems through an app called Transmission, which was able to encrypt its victims’ files after being launched.
Ransomware began infiltrating mobile devices on a larger scale in 2014.
What happens? Mobile ransomware often is delivered via a malicious app, which leaves a message on your device that says it has been locked due to illegal activity.
How did ransomware get started? While initially targeting individuals, later ransomware attacks have been tailored toward larger groups like businesses with the intent of yielding bigger payouts.
Here are some notable dates on the ransomware timeline that show how it got its start, how it progressed, and where ransomware is now.
Ransomware remains a popular means of attack, and continues to evolve as new ransomware families are discovered.
Ransomware can spread across the internet without specific targets. But the nature of this file-encrypting malware means that cybercriminals also are able to choose their targets. This targeting ability enables cybercriminals to go after those who can — and possibly are more likely to — pay larger ransoms.
Here are four target groups and how each may be impacted.
There are steps you can take to help protect your computer and devices against being infiltrated by ransomware. Here’s a list of tips to remember.
Victims of ransomware attacks have various possible options to get their data back. Here are three:
Depending on the type of ransomware you’re dealing with, it is possible to remove file encryption ransomware. To do so, consider taking the following steps.
Ransomware is a profitable pursuit for cybercriminals and can be difficult to stop. Prevention is the most important aspect of protecting your personal data. To deter cybercriminals and help protect against a ransomware attack, keep in mind these eight dos and don’ts.
With new ransomware variants appearing, it’s a good idea to do what you can to minimize your exposure. By knowing what ransomware is and following these dos and don’ts, you can help protect your computer data and personal information against becoming a ransomware target.