A message appears on your computer: “You have visited illegal websites and must pay a fine of $200 to continue using your computer.” You discover that none of your files can be opened. All of their contents looks like Greek letters. What is going on?
You may ave been struck by the newest trend running around: ransomware. The malicious software (malware) encrypts all the files on your hard drive and asks for payment to unlock them.
How Does Ransomware Happen?
According to US-CERT (https://www.us-cert.gov/ncas/alerts/TA16-091A), ransomware is usually connected to other trojan or virus software. It infects your computer in many of the same ways malicious software has always worked. Attachments to emails, tainted downloads, and open network shares are common entry points.
There are the standard prescriptions for preventing malware, including:
- Keeping your antivirus software up to date
- Installing new operating system versions and security updates when they come out
- Avoid web links and attachments in unsolicited emails.
All of these you can probably handle yourself. Other suggestions from US-CERT include:
- Whitelisting software
- Restricting user permissions
- Restricting macros in emailed spreadsheets, word processing documents, and other like data
You can read the full report at https://www.us-cert.gov/ncas/alerts/TA16-091A.
Be careful out there!