This is podcast number 2. Today I want to talk really briefly about ransomware. Ransomware: what is it? And how is it different from viruses and malware and scareware? What is ransomware?
Ransomware is somebody’s terrible, terrible attempt at making some money. That’s all ransomware is. Think about what a ransom is. Somebody has something you want and they’re holding it ransom. In this case, it’s your data.
This is when bad guys have access to only be able to read and write to the file system on your computer, which basically any user can do. They have permission to encrypt all of those files and put them back in as encrypted versions with an encryption key that is so strong that even the NSA would balk at it.
Essentially bad guys get access your computer and they encrypt all your files and tell you “Your file is encrypted, you owe us three bitcoins to be able to get your files back.” They’re not joking; you can’t decrypt the files.
If you have a backup you should definitely restore your backup. And you should have had a backup, right? Because you have good backups that you test out frequently and you make sure that they’re running. (I’m looking at you, do-IT-yourselfer small business owner!)
This is different from scareware. It used to be the case that you get an email or you get a message on the computer and pop up with a “warning your computer is infected with viruses call this number!” That’s lame too, don’t get me wrong. It’s probably more often than not fake. Close the window out and you’re probably going to be fine. Ransomware is a little different, because this is a real thing. With a lot of cases of ransomware you won’t even discover that the ransomware is in place until you go to open the file and your computer’s like, “what is this file, I can’t open it because it’s a ball of gobbledygook.”
You better make sure that your antivirus solution that you’re using is aware of ransomware threats. You better make sure that the network router you’re using is blocking some of the IP addresses that run the Tor network that hold the ransomware and that distribute ransomware. It’s a major problem now. It’s really one of the lamest problems now. It’s another reason why we need to back up. It’s another reason why we need to secure your endpoints.
[CONTACT_FORM_TO_EMAIL id=”1″]
Leave a Reply