What is Ransomware?
Ransomware is the generic term for any malicious software that, as its name suggests, demands a ransom be paid by the computer’s user.
Why would you want to pay a ransom?
Because the ransomware has done something unpleasant to your computer, and potentially to your data. For instance, it might have encrypted your documents and demanded that you pay a ransom to unlock access to them. This type of ransomware is known as a filecoder, the most notorious filecoder is Cryptolocker.
How would my computer get infected by Ransomware like Cryptolocker?
A typical method of infection would be to open an unsolicited email attachment or click on a link claiming to come from your bank or a delivery company. There have also been versions of Cryptolocker seen which have been distributed via peer-to-peer files-sharing networks, posing as activation keys for popular software like Adobe Photoshop and Microsoft Office.
If your computer becomes infected, Cryptolocker hunts for a wide range of file types to encrypt – and once its dirty work has been done, displays a message demanding you electronically transfer the cash to have the files decrypted.
What happens if, after my computer gets hit by ransomware, I don’t pay up?
In the case of many ransomware attacks there is a deadline for payment – and if you don’t pay up in time you could permanently lose access to your files.
And do people actually pay the ransom?
Yes, in many cases they do. Imagine if you didn’t have a verified backup from which you can restore your sensitive or company files. You might very well think it is worth spending a few hundred pounds to regain access to your data.
So does paying the ransom decrypt your data?
Yes, generally it does restore access your data if you think about it, that’s good business sense by the criminals. If word got around that the attackers don’t keep their side of the bargain, nobody would ever pay the ransom. However, paying the ransom doesn’t mean that you’re safe and out of the woods. The criminals might leave malware on your computer, and now know that you are the kind of person who is prepared to pay hard cash to regain access to their computer or data. In short, you could be targeted again in the future.
Can’t my antivirus simply remove a ransomware infection?
Yes, in most cases good security software should be able to remove ransomware from your computer. But that isn’t the end of your problems. Because, if the Ransomware which infected your computer was a filecoder your files are still encrypted. Security software might be able to decrypt your sensitive information if a simple filecoder was used in the attack, but files hit by a more sophisticated example of ransomware like Cryptolocker are impossible to decrypt without the right key.
SystemCare can provide you with multi-layered IT protection from cyber threats.