“Ooops, your files have been encrypted!”
That’s the dreaded message that greeted people hit with the 2017 WannaCry ransomware attack. Hundreds of thousands of computers were infected and many people lost their computer files, money, and time, and suffered immeasurable aggravation and embarrassment.
It’s been a couple of years since then and, experts agree, ransomware is still “alive and well.”
What is a ransomware attack?
Ransomware is a particularly nasty and scary form of malware that blocks and encrypts user data, which is then held for ransom. It can block access to your personal information, or threaten to disable your devices unless you pay for the password to decrypt and unlock your data.
This can be very profitable for online criminals, and there is no guarantee that users who pay a ransom will get full access to their systems again. Plus, if payment is demanded via credit card, for example, criminals may then have access to your card details, enabling them to commit further theft and fraud.
The rising threat of mobile ransomware
Last year, mobile ransomware infections increased by 33%., and it’s getting worse. McAfee says Ransomware was already up 118% in the first quarter of 2019. Most alarming was a rapid increase in the number of ransomware infections on mobile devices, up by a third when compared to the previous year. The U.S. was the worst affected by mobile ransomware, accounting for 63 percent of infections.
At Allot laboratories, we discovered Android/Filecoder.C, which is a ransomware variant that uses both symmetrical and asymmetrical encryption. It’s particularly nasty because it spreads via SMS through the contact list of each victim.
Before encrypting the archives, Android/Filecoder.C sends a group of SMS messages to each person in a victim’s contact list. The text in each SMS message tries to trick the recipient into clicking a malicious link that will download and install malware, thereby creating new victims in a viral fashion.
(The URLs have been changed in order to avoid “miss-clicking” on them.)
Just when you thought it couldn’t get worse…
A new type of “ransomware” has appeared called GermanWiper. Although initially focused on Germany, GermanWiper has been detected in other countries.
This “ransomware” differs from the others because, while regular ransomware encrypts files and threatens to delete them if the ransom is not paid, GermanWiper erases all files and demands a payment, pretending to offer a decryption key in exchange for the ransom, which is especially misleading and devious because user data is already “gone for good.”
But, actually, there’s nothing good about it. With almost twenty thousand detections every single day, ransomware is on the rise and doesn’t show any sign of slowing down.
So, how do you defend yourself against ransomware?
Following certain safety protocols can effectively protect your devices from ransomware attacks.
Here are 5 ways to protect yourself from ransomware:
- Install antivirus software: The first line of defense is having a reputable and up-to-date antivirus package installed. Today’s advanced antivirus programs have expanded to cover various other types of malware such as ransomware, spyware, spam, and phishing attacks. They are now better tuned to block ransomware, while a few even claim they can clean up the mess after the fact.
- Avoid suspicious emails and links: Do not open suspicious email attachments and click on links, even if you know and trust the sender – most ransomware is distributed via phishing emails.
- Backup your data: Make regular offline backups. Since some variants of ransomware can delete backup copies on your computer and network drives, save your files on an external drive or in the cloud. This will ensure you don’t lose any files if you are targeted by a ransomware attack.
- Update your software: Keep your OS and all your software updated and patched.
- Don’t use torrents: Beware of pirated content and software, which are usually distributed via P2P and torrent sites and can include malware.
In other words…
- Have an up-to-date and reliable antivirus package installed on your device
- Avoid opening suspicious emails or links
- Frequently backup your data offline
- Ensure your OS and software are updated
- Avoid pirated p2p content.
Ransomware survival guide
These and other tips are available in “Ransomware: A Survival Guide,” which offers essential steps for protecting against ransomware attacks.
This document gives you the tools you need to defend your data, your privacy, and your hard-earned money. Inside you will learn:
- Practical steps you can take to remove ransomware,
- Ways to avoid ransomware attacks before they strike, and
- What your network operator can do to protect you.
Learn more and get the survival guide at 9 Steps to Beating Ransomware