“Ransomware” is one of the most scariest names of virus in history.
What is “Ransomware”?
The english word ransom means a sum of money demanded or paid for the release of a captive. Ransomware is a program or virus/malware which lock files and demand money to unlock the files. You must have heard the name of WannaCrypt. You may also know that this ransomware attacked a lot of computers, locked the files and demanded 300 dollar to unlock or decrypt them. Who is receiving this money through bitcoin no one knows.
If you are not paying, then the WannaCrypt virus or Ransomware threatens to delete all files within 3 days.
Normally there are 3 types of Ransomware-
This virus is not so dangerous as it sounds. It is made up of some malicious system software.A pop-up message could be shown like “Viruses found. To remove, pay money” etc. But if you don’t pay them it will not harm you. It is only for scamming. Sometimes it asks for permission to install malicious software. You don’t have to think about Scareware if have updated antivirus.
This malware is worrying. By its name we can guess that if it enters in our computer we will be blind in front of the screen. A warning message will appear on the screen when you turn on your computer. On the screen there will be the logo of several international intelligence agencies like FBI etc. and it will say you have to pay ransom for doing illegal activities on the computer. But the truth is that no international intelligence agency locks any data of a personal computer and demands money.
Let’s come to the main culprit. This type of malware is really very dangerous. By the attack of this malware even a very powerful cyber security system can be blocked. The speciality of this malware is that if it enters into a computer it encrypts all files of the computer. It means a person locks your files so that any other person can’t access the files without him. Then he demands money. If a file get locked by this, no other person or antivirus will be able to open the file. Even if you pay them there will be no guarantee that you will get your files back as before.
How this malwares work?
Ransomware is a type of malware, which prevents a user from accessing a computer after infecting a computer device, and restricts the user’s access and demands money to get rid of this. There is some ransomware that encrypts all the files on the system’s hard drive with a big key. The encryption key is so large it becomes technically impossible to break it without ransom.
Some other people use a simple program and lock the files and demand money from the user.
It works in 3 steps-
- First the hacker sets a password and spread the malware through internet.
- Then the malware attack a computer, locks its files and shows the message set by the hacker.
- If the hacker gets the payment he gives the key and the user decrypt the files.
The harms are caused by the malware:
The data locked by hacker includes the user’s photos, files, social network account information etc. Not only this, but a certain amount of money is asked from the user to get the information back. If they don’t get the money they threats to destroy all the data. More than 100 countries were the victim of this malware. Many large institutions of different sectors was stopped due to the attack of ransomware. Then the hackers told that they would return the control for 100 dollar in a message to the affected computers. Microsoft just released a security update last March to fix the security flaw that WannaCrypt used of Windows. PC users who have suffered an attack for whatever reason did not install the MS17-010 security patch update in March, or were using Windows versions that Microsoft no longer supports. But now Microsoft has also released this patch for Windows (XP, Vista). If you are a Windows 10 OS user, you are free from the possibility of being infected by this virus, because Windows 10 OS has the protection against this malware. There are some steps you can take to protect yourself.
There is currently no decryption tool or any other solution available for WannaCrypt, so users can follow the following protection measures to protect themselves.
Ways to be safe:
- It is important to keep a backup of the files you need, both online and offline, because there is no known way to be safe from ransomware. Also, effective antivirus should be used to protect the privacy of yourself and your information.
- Ransomware protection first requires an updated OS, so make sure you have auto-update on your computer.
- If there is a link or attachment file in a message or mail sent by a stranger, you should not click on the link or download the file.
- Keep a backup of your important data and files and update at least once a week or month.
- Use good quality licensed antivirus, not free antivirus, for security of computers and mobile phones.
- Extensions of ransomware. Details about how the spread.
- The ways to decrypt encrypted file.
Stay tuned for more information about what to do if ransomware attacks your system.
Written by: Shishir Chowdhury.
Translated by: Sakib Hasan Ruhin