Ransomware: How Attackers Make You Pay

How scary does that headline sound?  Ransomware makes you pay for your own information?

Yes!  You have to pay a ransom to get you information back.  Information that has been locked by an attacker.

It sounds like a James Bond movie right?

Well, truth is this stuff happens.  And it’s happening twice as much as it did a year ago according to Kaspersky Lab (a leading anti-everything security software company).

For those of you who don’t know, ransomware is a virus that can lock you out of your very own system or device. It can happen immediately, on a certain event, or at a certain time.

Ransomeware is also called a cryptolocker attack.  And it has ZERO warning that it’s coming.

Here’s how it works.

Imagine this: You’re on your smartphone. You’re online shopping for something. BAM! A screen pops up telling you you’re locked out of your device. No button works. A reboot didn’t help. You have NO control of your phone anymore!

The ransomware has control of your phone.  That goes for tablet or computer too!

Oh, and I left out the part where you have to pay someone money to get a code to unlock it.

And that “ransom” you pay MIGHT get you your data back. The attacker may just take your money and run or raise the price.

The attacker can place other viruses tracking your key strokes (keylogger), your website activity (spyware), and who knows what else.

How bad would that be?

Why do they do this you might ask? 😉 Well, an attack group:

“…penetrated the networks of banks, seeking out critical systems that would allow it to withdraw money. One successful attack alone would bring in as much as $2.5 – $10 million dollars.”

That’s why!

And don’t think for a second that they don’t practice on other stuff first.

“Point-Of-Sale terminals, used by retailers and other consumer-facing organizations were another target for attack in 2015, with Kaspersky Lab products blocking more than 11,500 attempts to hack into PoS devices.”

The point-of-sale terminal is where you pay at the grocery store, gas station, etc.  So they’re targeting that too!

So now we know this is all horrible. How do you protect yourself?

To prevent ransomware attacks there are many things you can do.

1.  Be careful what you download.  Software. E-mail attachments.   Whatever it is, be aware of what you’re downloading.

Only download information from websites you personally trust.

2.  Don’t allow websites to install software.  Be careful of any website wanting to install something or telling you to accept cookies.  These are good ways to install a virus with your permission.

If you’re 100% certain of what’s being installed, it’s up to you if you want to approve that. But if you’re not sure, don’t do it.

If it’s a legit install that needs to take place, you’ll be warned again on another website.  Software updates or upgrades are a good example of this.

3.  Make a rescue disk.  A rescue disk is used to restore your system in an event like this. When all else fails, use the rescue disk.

Here is Kasperky’s directions on how to create a rescue disk:

  1. Download the ISO image of Kaspersky Rescue Disk 10 (kav_rescue_10.iso).
  2. Download the Kaspersky Rescue Disk Maker (rescue2usb.exe).
  3. View documentation on Knowledgebase.

I hope this helps you be a little safer out there!
– Brandon

 

If you enjoyed this post...

Why not join our newsletter?  You’ll get updates for FREE!

privacy We value your privacy and would never spam you

Resources:
http://usa.kaspersky.com/about-us/press-center/press-releases/kaspersky-lab-business-threats-2015-saw-number-cryptolocker-att
https://securelist.com/blog/research/57311/cryptolocker-wants-your-money/