What is ransomware?
Ransomware is a program which locks a computer, tablet or smartphone and demands a ransom to unlock it. Ransomware is a kind of cyber attack that involves hackers taking control of a computer system and blocking access to it until a ransom is paid.
How does it spread?
Ransomware is a program that gets into your computer, either by clicking on the wrong thing or downloading the wrong thing, and then it holds something you need to ransom.
In the case of WannaCry, the program encrypts your files and demands payment in bitcoin in order to regain access. According to computer security experts there is no assurance that access will be granted after payment. Some ransomware may encrypt the same files again after a few days, demanding more money and threatening to delete files altogether.
There are different variants of what happens: Other forms of ransomware execute programs that can lock your computer entirely, only showing a message to make payment in order to log in again. There are some that create pop-ups screens that are impossible to close, reading the machine impossible to use.
What is WannaCry?
WannaCry is not just a ransomware program, it’s also a worm. This means that it gets into your machine and looks for other machines to try and spread itself as far and wide as possible. Ransomware has a habit of mutating and so it changes over time in order to find different ways to access computers or to get around patches (operating system updates that often include security updates). Many computer security firms are already aware of WannaCry programs in past forms and most are looking at this one right now to see how it might be stopped.
Several cyber security firms said WannaCry exploits a vulnerability in Microsoft and that Microsoft patched this in March. People don’t always install updates and patches on their computers and so this means vulnerabilities can remain open a lot longer and make things easier for hackers to get in.
How to prevent ransomware attacks:
- Make sure all software on your system is up to date, including your operating system, browser and any toolbar plug-ins you use.
- Ensure that your antivirus software and firewall protection is up to date.
- Avoid opening unwanted and unverified emails or clicking links embedded in them.
- Back up important files using the 3-2-1 rule – create 3 backup copies on 2 different media with 1 backup in a separate location.
- Regularly update software, programs, and applications to protect against the latest vulnerabilities.
While Ransomware attacks is a big contribution in Cyber crime, one can be prepared by taking the above precautions. Since the most common passage of this virus is via emails and websites, so beware of phishing emails and do take help of a good antivirus.