Never Pay The Ransomware

You wake up one morning, bleary eyed and turn on your computer before making your first cup of coffee. When you return to your machine, all you can see is an error screen. Your files have been encrypted and locked, and only a specific key can unlock them! This key is held on an external server, and you have to pay £100 to an unknown account to unlock it. If you don’t your files will be destroyed. What’s going on? You have been the victim of a particularly nasty form of computer virus – ransomware.

What Is Ransomware?

Ransomware is a kind of malware infection – a virus that has found its way into your systems. You don’t have to worry about hunting to find it – ransomware makes itself known very quickly. If you have been infected with ransomware, your computer will suddenly freeze, followed by a display stating that your machine has been locked. The screen will also tell you that if you pay a sum of money you will be allowed back into your machine. The amount of money is rarely under a hundred pounds, sometimes climbing up above a thousand. Sometimes the message won’t be as simple as ‘we’ve locked you out’. Sometimes it will be a threat – pay us £500 within 24 hours or everything you know and love on your computer will be erased and gone forever. You can try restarting your system or even installing a new hard drive – the message would not go away. Ransomware isn’t just limited to your computer either – mobiles and tablets are just as susceptible to infection, resulting in a completely locked down and useless device. The message you see will vary depending on the developer of the ransomware, but this is a pretty typical example:

Screen Shot 2016-08-10 at 16.14.33

What Happens If I Just Pay?  

Usually, absolutely nothing. In the early days of ransomware (around 2013), many cyber criminals were good to their word and released the ransomed files once they received their money. However, that simply spurred people affected to just pay up rather than look for an alternative solution. Seeing this, other cybercriminal rings jumped on the trend, and soon there were thousands of users afflicted by ransomware that wasn’t so honest. Sometimes the ransomware would appear to unlock your system and return access to your files if you paid, so you would go on about your business. But when you booted your computer up again the next day, you would be locked out once more, with more money being demanded of you. Ransomware will almost always ask for currency transfers to untraceable prepaid cards, or through other mediums like Bitcoin or MoneyGram. Today, it is very rare that simply paying the ransomware will make it go away, and it often leaves behind a lot more trouble than you realise in the form of other malware infections.

How Did I Get It, And How Do I Get Rid Of It?

Malware is spread in pretty much the same manner, no matter what kind it is. Spam or phishing emails containing links to infected sites – maybe sent from an unknown email address, maybe seeming to come from a friend. Infected attachments on emails are a big culprit, along with scam popups and ads online. The popularity of the Internet has meant that malware has ample opportunity to spread and grow, which is why it is so important to have a robust anti-virus solution. If you do become infected with ransomware, you need to take steps to remove it (instead of paying it). For Windows machines, you can enter safe mode and run a virus scanner to locate and delete the program, or do a complete system restore or repair. Microsoft has a great guide for removing ransomware here. If you run a Mac, the process is a little more involved – there’s a guide to removing ransomware from Mac machines here. Once you have removed the ransomware you can go about restoring your machine from a backup and recovering your files. Be sure to check your anti-virus is working properly as well!

Of course, even the best anti-virus software lets one through the net every once in a while, which is why it’s crucial to have a backup plan. In this case, we are being quite literal. Back. Up. Everything. And make sure you do it regularly. At the core, ransomware exploits people’s unwillingness to back up their most precious data onto a separate machine or server – meaning they can hold your files hostage and expect you to pay because they are the only versions in existence. By backing up your data routinely to a completely separate system or hard drive, you are mitigating any risk even if you do become infected – because you have copies of everything the malware is holding hostage elsewhere. For advice on how to avoid becoming a target for ransomware, or to discuss backup and anti-virus solutions, get in touch with our team today for your free consultation.