What Is Ransomware? How Does Ransomware Work?
What is Ransomware?
Ransomware is a malicious software that carries out the cryptoviral extortion attack from cryptovirology that blocks access to data until a ransom is paid and displays a message requesting payment to unlock it.
Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them. The ransomware may also encrypt the computer’s Master File Table (MFT) or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
How Does Ransomware Work?
Ransomware gains access to a computer the same way as any kind of virus or computer worm – either through getting the user to open an infected email, navigate to a compromised website or install an infected program.
Once inside a computer it can work in a several different ways. One of these is to bombard users with adverts, indecent images or bogus warnings until they pay to have them removed.
Alternatively, it can lock users out of one or more parts of their PC until they pay to have access restored. Sometimes it does this by mimicking an official warning from a government agency or police force.
Finally, there is the method mentioned above – where personal or important files are removed from the host PC, encrypted and threatened with deletion.
What can be done to prevent this?
The best way to protect your computer is to create regular backups of your files. The malware only affects files that exist in the computer. If you have created a thorough backup and your machine is infected with ransomware, you can reset your machine to begin on a clean slate, reinstall the software and restore your files from the backup. According to Microsoft’s Malware Protection Centre, other precautions include regularly updating your anti-virus program; enabling pop-up blockers; updating all software periodically; ensure the smart screen (in Internet Explorer) is turned on, which helps identify reported phishing and malware websites; avoid opening attachments that may appear suspicious.