Unless you have given up listening to the news or reading the news feeds on your phone, you have read countless articles on how a ransomware attack damaged our HSE. I’ve seen a good bit of jargon tossed about, which might cause you to switch off from what exactly ransomware is. With that in mind, I will do a few articles which hopefully will make it easier for you both to understand these threats and, in the event one gets on your computer, to minimize the effects.
Encryption or Encrypted and Decryption
Encryption is the process of taking any file on your computer and scrambling it with a key.
Thus, if you had a file with a single simple sentence such as “I love bettystown”, the ransomware app will change the contents to something like “xhgffffffff ffff xccxxx”.
To get the original data back you must use a decryption app with the original key used to unscramble your file. Without the correct key you cannot get your data back.
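The following Python example has been added for illustration and is not part of the original article. It scrambles the sentence above with one key, recovers it with the same key, and shows that a different key is rejected and yields only gibberish. The key names and the scrambling method (SHA-256 used as a keystream, with an HMAC check) are assumptions chosen for teaching, not what any particular ransomware or commercial product uses.

```python
import hashlib
import hmac
import os

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stretch key + nonce into `length` scrambling bytes (SHA-256 in counter mode)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Return nonce + scrambled data + 32-byte tag that later proves the key is right."""
    nonce = os.urandom(16)  # random per message, so equal files scramble differently
    ciphertext = _xor(plaintext, _keystream(key, nonce, len(plaintext)))
    tag = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag

def decrypt(key: bytes, blob: bytes) -> bytes:
    """Recover the original bytes, or raise ValueError if the key does not match."""
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or corrupted data")
    return _xor(ciphertext, _keystream(key, nonce, len(ciphertext)))

def unscramble_unchecked(key: bytes, blob: bytes) -> bytes:
    """Skip the tag check, to show what a wrong key actually produces."""
    nonce, ciphertext = blob[:16], blob[16:-32]
    return _xor(ciphertext, _keystream(key, nonce, len(ciphertext)))

if __name__ == "__main__":
    message = b"I love bettystown"            # the article's sample sentence
    right_key = b"constructed-demo-key-1"     # constructed sample keys
    wrong_key = b"constructed-demo-key-2"
    blob = encrypt(right_key, message)
    print("scrambled :", blob[16:-32].hex())
    print("right key :", decrypt(right_key, blob))
    print("wrong key :", unscramble_unchecked(wrong_key, blob).hex())
    try:
        decrypt(wrong_key, blob)
    except ValueError as err:
        print("rejected  :", err)
```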
The payload is the actual app used to encrypt the data. It may also include code to spread the app across multiple computers on a network, which means that in a home environment all the connected computers can become infected. The payload will not usually execute until it has attempted to infect all the computers it finds.
Method of Infection
The scammers use a variety of methods to get the payload onto your computer or network.
These include but are not limited to:
- Emails with a link that when you click it executes the payload on your computer.
- Fake or hijacked websites containing links to the payload.
- Attacks using a variety of custom apps originally designed to test the security of networks and now being used to attack them.
Speed of Encryption
The speed of encryption is remarkably fast, and most infections have completed their task before the computer user becomes aware of it.
Targets For Ransomware
The main target for ransomware attacks is Windows-based computers, as they represent the largest segment of installed computers worldwide. All versions of Windows are capable of being successfully attacked. This does not mean computers running other operating systems are safe, but I’ve not heard of any Apple or Linux systems falling victim.
I expect in time the scammers will attempt to target other devices, including phones and tablets, but this will probably be using different methods.
In my next article I will suggest some approaches to minimizing the effect an attack can have on your computer, but for now stay vigilant and take extra care before you click on a link or visit a website you are not familiar with.
Oliver Reidy is a computer technician and has been in the industry since 1981. You can contact him via email at firstname.lastname@example.org, by the telephone numbers listed on this page, and on WhatsApp @08779707040. This article, and all previous articles, are available to view online at http://reidyonline.blogspot.ie/ or www.reidyonline.com/blogspot.htm