Ransomware – How to Beat the Cybercriminals

Introduction

Despite advances in computer security, viruses and other malware still find ways to infiltrate computers and related technology. Ransomware is malicious software designed to prevent access to the files and data on a computer until money is paid to release them. In other words, ransomware holds your computer hostage until you pay a ransom. It can lock away anything from the PowerPoint you created for your next big meeting to the favorite music album you listen to every day. Your holiday photos, wedding video, anything and everything you store on your computer is at risk.

Sometimes, though, it could be as simple as holding your screen hostage by posting pop-ups of pornography and the like until you pay a predetermined amount for hackers to remove it. Ransomware can take many shapes and forms, but the requirement of a payment remains the same. Because of this, it is dangerous and financially exhausting if a computer, or believe it or not a phone, is compromised. There are many whos, whys, and hows that come with ransomware, and it is up to all of us to figure out how to best deal with it and be informed about the short- and long-term harms of this malware.

Hackers try to get you to pay

Hackers will try to make you believe anything. Cybercriminals like to use a few key claims to explain why your computer is being held hostage. One rather embarrassing one, especially if it’s not true, is that you distributed or looked at prohibited pornographic content. Imagine having a pop-up like that covering your screen at work. The effects could be devastating. Hackers can also claim in ransomware messages that you are violating the “law of neglectful use of your computer.” They state, “illegal access has been initiated from your PC without your knowledge or consent, your PC may be infected by malware, thus you are violating the law of Neglectful Use of Personal Computer.

“Article 210 of the Criminal Code provides for a fine of up to $100,000 and/or a deprivation of liberty for four to nine years.” They also follow it up by saying that if you don’t pay within 72 hours, “a criminal case is initiated against you automatically.” Hackers also try to say that you are in violation of copyright laws and, in turn, have to pay another fee of sorts. Hackers will do and say anything to get you to hand over your money. They make money off of fear, and that is what these messages try to convey: if you don’t pay up, you’re in big trouble.

Ransomware finds its way into your computer

There are many ways criminals can get ransomware on your computer. A common method used by criminals is buying redirected web traffic from a Traffic Distribution Service (TDS) vendor and pointing it to a site hosting an exploit kit. There is nothing you are doing wrong in this situation. Hackers just make it more difficult for you to get where you’re trying to go by redirecting you to somewhere you don’t want to be.

In a lot of cases, redirected traffic originates from adult content-related websites. If the exploit kit is successful in exploiting a vulnerability in the visiting victim’s computer, it can lead to what is commonly referred to as a drive-by download of malware. This means that you can click on a link thinking it’ll take you one place, but instead it “accidentally” redirects you to another website. Once there, it automatically downloads malware onto your computer without your consent and, usually, without your knowledge.

Also, be on the lookout for malvertisements, which are similar to but distinct from TDS redirection. Malvertisements can get pushed onto legitimate websites in order to redirect traffic to a site hosting an exploit kit. These malicious advertisements are often on normal websites we visit every day, which is what makes them so dangerous. Whether you’re shopping online or trying to stream a video, malvertisements can get in the way and access information you don’t want them touching.

Finally, of course, there’s spam email: the pesky email that either lands harmlessly in your spam folder or shows up in your main inbox, appearing to come from a site you regularly visit. Spam usually comes in the form of an email containing a malicious attachment or a link leading to a site hosting an exploit kit. The spam email tries to trick users into installing the ransomware by pushing a whole range of psychological buttons. In recent years, the spam emails used to distribute ransomware have favored the following themes:

  • Mail delivery notification
  • Energy bills
  • Job seeker resume
  • Tax returns and invoices
  • Police traffic offense notifications

From these very common themes, you can see that ransomware and ransomware con artists like to use topics and ideas that you would normally click on. Be on the watch for these in your email.

Types of Ransomware

There are many different types of ransomware but the three most common types are fake, locker, and encryption ransomware. Fake ransomware is fairly simple to get rid of as you just need to reset your computer. It can show up in any situation, whether that be searching a celebrity name or trying to find the score of a ball game. Fake ransomware can technically hit you anywhere, which can be a burden. It’ll even make it seem like you have to make a payment by locking down your browser, giving you a warning message. Fear not though, as a simple computer reset should do the trick to get rid of these pesky fake ransomware messages.

Locker ransomware is typically only designed to prevent access to the computer screen, largely leaving the underlying system and files untouched. This means that the malware could potentially be removed to restore a computer to something close to its original state. This makes locker ransomware less effective at extracting ransom payments compared with its more destructive relative, encryption ransomware. Because locker ransomware can usually be removed, it tends to be the type of ransomware that goes to great lengths to incorporate techniques to pressure victims into paying. This type of ransomware often poses as law enforcement authorities and claims to issue fines to users for alleged online indiscretions or criminal activities.

Encryption ransomware is the most in-depth, as it is designed to find and encrypt valuable data stored on the computer, making the data useless unless the user obtains the decryption key. As people’s lives become increasingly digital, they are storing more important data on their personal computers and devices. Encryption ransomware doesn’t let you know you’ve been affected until all of your valuable documents and files have been encrypted. It tries to stay off the radar until it presents to you the damage that has already been done. All three of these ransomware types are harmful to your computer and can cause heartache and damage in the long run. Do your best to protect yourself from their grasp.

Money, money, money

So why do hackers do it, aside from being criminals and wanting to cause crime? Go where the money is. Hackers mainly do it for the money though there may be some underlying reason why they hit up a certain person, type of person, or even a specific company. Green is what makes the world go round, and it’s what motivates the hackers to hack. Generally speaking, hackers can charge anywhere from $20USD to $700USD and up. This makes it relatively reasonable for victims to make a payment. They try not to put a very high price point on the ransom, in an effort to cater to the middle class. There are two main ways these criminals like to receive their money: payment vouchers and bitcoin currency.

Payment vouchers

There are many different types of payment vouchers, MoneyPak being the most popular. Locker ransomware, as discussed earlier, is more likely to use payment vouchers because of the convenience to victims. Just like in any shopping situation, if the price is reasonable, a customer is more likely to make the purchase. If their screen is locked, they can’t go to different websites to purchase other types of online currencies like bitcoin. It would be easier for them to purchase a payment voucher from a local store and return to the ransom screen with a code for payment.

Usually, when a locker ransomware hits a computer, it gives you an idea of where to purchase the payment voucher from, mentioning local stores and shops that would sell them. After you make the purchase you need to return to the computer and enter the code to make the payment. Other payment vouchers aside from MoneyPak include but are not limited to UKash, CashU, and MoneXy.

Bitcoin

According to Bitcoin.org, “Bitcoin uses peer-to-peer technology to operate with no central authority or banks; managing transactions and the issuing of bitcoins is carried out collectively by the network. Bitcoin is open-source; its design is public, nobody owns or controls Bitcoin and everyone can take part.”

This makes placing ransoms very lucrative for online criminals and hackers as Bitcoin is nearly untraceable by the government. It doesn’t go through any bank or clearinghouse and you can use them in every country. Bitcoins can be used to buy items and gift cards all over the world. Amazon, Target, and even Whole Foods are just a few big name companies that accept bitcoins as payments. The Bitcoin acceptance list is getting larger. There are Bitcoin ATMs popping up across the country to accommodate for the popularity that is Bitcoin. They even have maps online to help you find the closest ATM from your location.

The main concern with Bitcoins these days is that they are fairly expensive. Although multiple ATMs and kiosks are popping up as their popularity rises, one Bitcoin, according to CoinDesk.com, was worth about $530USD the last time we checked. The rate is constantly changing. In this case, when ransomware hackers ask you to pay half a bitcoin, you’re still looking at paying upwards of $260! Bitcoin prices change fairly often, and it would be good to know the going rate if you find yourself needing to pay off a ransomware threat. We understand you may need to, but if possible, giving in to the cyberterrorists is not recommended.

Should you be worried?

“We must stress that ransomware remains one of the most dangerous computer threats at this moment, and prevention is essential to keep users safe,” said ESET, an IT security company, in an announcement after releasing a decryption tool for a type of ransomware earlier this year. That being said, if you are informed and prepared, ransomware shouldn’t keep you awake at night. There are many preventive ways to help avoid ransomware ever getting on and into your technology.

Being informed

The best defense to any technological threat is to be informed. Starting with this post, you are already on the right path to preventing ransomware from attacking you. Search the internet about how ransomware gets onto your computer and what you can do to avoid its dangerous traps. Staying informed about the latest trends in ransomware will keep you on your toes, and hopefully away from the places which can get you into trouble with this cyber threat.

Learn from others/Listen to professionals

On Feb. 5th, 2016, computers at Hollywood Presbyterian Medical Center became infected with malware that shut down their communications capabilities. In the same month, computers at the Los Angeles County Department of Health Services became infected with a program that blocked access to their data. Although in these cases, hackers targeted big companies, ransomware is targeting household computers more often than not and it’s due to our “cyber hygiene” or lack thereof. They also attack home users because they most likely don’t have a whole IT team protecting them. History repeats itself, but it doesn’t have to with ransomware as more and more cases are happening across the board. Learn from the mistakes of others and protect yourself.

Avoid unsafe emails and websites

Malvertisements are hard to avoid because they can be found on rather safe websites. If you start swimming in the oil, you’re going to get dirty. Avoid going to unsafe, shady websites that can carry ransomware, usually found on pornographic sites. Also avoid unsafe emails, including spam.

Emails from people you don’t know are your enemy most of the time. Make sure you don’t just open up any old email. Delete emails you don’t recognize and for sure do not click on any attachments. Clicking on said attachments would really cause the ransomware to get onto your computer. An unassuming email might come from a friend or family member. If you were not expecting an email from this person, and there is a vague subject line or none at all, and maybe an attachment is included, it would probably be safer to check with that friend or family member to make sure they purposefully sent you the email, and not a spammer/hacker.

Security never hurt anyone

Have some sort of security system installed on your computer. They can better protect you from the ransomware out there, especially as the field begins to expand. Some computers come pre-installed with security systems, and others don’t. Do your research and find which security best fits both what you’re trying to protect and your price range.

My Fast PC offers a tool that will help to diagnose your computer then find and eradicate any potential harm from your computer. The RMM tool (remote monitoring and management) is exactly what it sounds like. A technician at My Fast PC can monitor and manage your computer while not being in the same room as you.

Essentially, the RMM tool is business level support for home users. The technician can do a mass scan to install or uninstall a program onto the customer’s computers. My Fast PC sets certain specifications so they aren’t monitoring or looking at data that isn’t necessary or relevant to them. My Fast PC uses this tool mainly for removing malware, online backup, and antivirus support. You can set your own commands for the RMM tool, and it gives you customized reports. This security tool can help you pinpoint where and what the unwanted programs are and help extract them from your computer.

Back up everything

Backing up important information is a swell thing to do in any situation. But to really protect yourself from ransomware, it is a genius idea. Having an external drive is key to backing up information that you wouldn’t want held hostage in the hands of a cybercriminal. Depending on your usage, you should make sure you are backing up about once a week, more or less. External hard drives ensure the safety of your files for at least a week so that if a cyber attack happens in between backups, the majority isn’t lost. Make sure that once you have finished backing up information to your external hard drive, you unplug it. This makes it so that if ransomware does hit, it doesn’t affect your external hard drive. Ransomware can only reach what is connected to the computer.

The cloud is the all knowing, all holding hard drive that doesn’t exist in the physical sense of the word. The cloud is another great way to backup your files. There is no physical connecting or disconnecting from your computer and most of the time, you can get cloud storage for free. If you have a lot of information you’d like to protect and back up, and we mean a lot, feel free to purchase more storage.

A quick tip is to make sure automatic backups are not turned on. When you get ransomware and a backup happens, it will overwrite any clean files with the new encrypted/affected files. This, in essence, will have the cloud working against you, and you wouldn’t want something you trusted in so much (the cloud) to betray you. The same idea goes for an external hard drive. Just be sure to think about how often you want to back up files into the cloud.
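The overwrite problem described above, shown as an added example that is not part of the original article: a Python backup routine that writes every run into a new numbered folder, so older copies are never overwritten, and that refuses to run when more than half of the previously backed-up files have changed or vanished at once, as they would after encryption. The folder names (snap-0001), the manifest.json file and the 50% threshold are assumptions chosen for illustration.

```python
import hashlib
import json
import shutil
from pathlib import Path

MANIFEST = "manifest.json"  # assumed name for the per-snapshot hash list


def hash_tree(source: Path) -> dict:
    """Map each file's relative path to the SHA-256 of its contents."""
    return {
        p.relative_to(source).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(source.rglob("*")) if p.is_file()
    }


def last_manifest(dest_root: Path) -> dict:
    """Load the hash list of the newest snapshot, or {} if there is none."""
    snaps = sorted(dest_root.glob("snap-*"))
    if not snaps:
        return {}
    return json.loads((snaps[-1] / MANIFEST).read_text())


def churn(previous: dict, current: dict) -> float:
    """Fraction of previously backed-up files now changed, renamed or gone."""
    if not previous:
        return 0.0
    lost = sum(1 for path, digest in previous.items() if current.get(path) != digest)
    return lost / len(previous)


def snapshot_backup(source, dest_root, max_churn=0.5):
    """Copy source into a NEW snapshot folder; refuse if churn looks like encryption.

    Returns the new snapshot path, or None when the backup was refused.
    Older snapshots are never modified in either case.
    """
    source, dest_root = Path(source), Path(dest_root)
    dest_root.mkdir(parents=True, exist_ok=True)
    current = hash_tree(source)
    if churn(last_manifest(dest_root), current) > max_churn:
        return None  # too many files changed at once: keep the clean copies
    number = len(list(dest_root.glob("snap-*"))) + 1
    target = dest_root / f"snap-{number:04d}"
    shutil.copytree(source, target)
    (target / MANIFEST).write_text(json.dumps(current, indent=2))
    return target
```

A refused run (a return value of None) is the cue to check the computer before backing up again; the earlier snapshot folders still hold the clean files.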

Were you still hacked?

So you’ve taken all the preventive steps to stop ransomware in its tracks and yet, somehow, it found a way to weasel into your system? It has a way of doing that sometimes. Michael Hiltzik of the LA Times says “ransomware has become harder to break and the approach more sophisticated.” But fear not, as there are two very important steps to take in case you feel you’ve been hit with a ransom.

Try your best to withhold payment!

Under most circumstances try not to give in to a cyberterrorist attack. It is our American duty to never give up, never surrender. Paying for ransomware to be removed from your computer is expensive. Paying might also mean aiding and funding other illegal activities. Paying the bad guys encourages them to keep doing what they’re doing. It also makes you more susceptible to cyber attacks down the road. There is always a chance that they won’t follow through after you have paid and, in turn, they might have you paying even more than originally requested to get it removed. You might find yourself with an empty wallet by the end of it all.

Get a computer diagnosis

If you feel you’ve been attacked, and that you may have ransomware on your computer, My Fast PC offers free computer diagnoses. Technicians will tell you quickly if your computer has been affected by a cyber criminal.

Conclusion

Ransomware is real and is showing it can take over. Hackers pose a real threat to our privacy and our money. Ransomware can get you on your computer, tablet, or even your cellphone. Hackers love to do it because money is at the center of it all. As long as hackers get paid, threats will continue. You can change that trend. You don’t have to pay them because you can prevent ransomware from seriously affecting your computer. Stay informed on the latest when it comes to ransomware. Learn from others and listen to experts talk about ransomware. Educate yourself on what you can do to stop it from getting onto your computer. Work on your “cyber hygiene” and become acquainted with backing up files externally to either a physical hard drive or to the cloud.

Use common sense: avoid shady websites and don’t open unknown emails. This will prevent a lot of heartache and headaches when it comes to dealing with computers. As long as you take preventive measures, you should be ransomware free. It would be awful to have it affect you in a major way at the end of your technological career. If you still get hacked, try not to pay and get a diagnosis from My Fast PC. Ransomware can be avoided. Taking the time to prevent it from coming to a screen near you will be well worth it.