We probably don’t need to tell you that the Internet has been a positive invention, one that has become a relevant, crucial part of our lives. People can do all kinds of things thanks to the World Wide Web, from browsing for fun to research for work or school; from streaming online to enjoying multiplayer games; from checking sports pages and results to send emails and open social media accounts. We could do this all day!
However, there are also dangers and risks associated with the use of the Internet in our lives. You could be a victim of hackers trying to steal your identity, data, or even your credit card numbers. Also, you can get in touch with viruses, worms, Trojans, and other types of malware, including the dreaded Ransomware.
If somebody locked up your most relevant files and data, preventing you from gaining access, what would you do? Of course, acting at that moment would be panicking. Take a few hours to calm yourself down, and start finding solutions. There are ways to decrypt what belongs to you without having to pay money to criminals.
Ransomware: the dreaded cryptovirology attack
Ransomware is the name given to an attack that cybercriminals make in which they “hijack” the victim’s files, documents, and other elements, and to liberate them, they ask people for a ransom, much like real-life kidnapping. Sometimes, they are private or highly compromising files that the hackers threaten to publish.
Technically speaking, the Ransomware is a form of malicious software of the cryptovirology field. They can lock the victims’ files in a simple, rudimentary way that allows tech experts to reverse, but others use cryptoviral extortion to encrypt the people’s digital assets, making it impossible to access them. These spiteful masters of the encryption like to ask for Bitcoin and other cryptocurrencies to liberate the “kidnapped” goods.
These attacks have what it seems like an inoffensive modus operandi: A Trojan horse passes as an actual file that the user downloads without knowing it is potentially dangerous. It often comes in the form of an unknown email attachment.
The WannaCry worm, a form of ransomware, differs somewhat from the generic description, traveling automatically from computers to computer without needing any interaction. The WannaCry attack infected dozens of machines in May 2017 and specifically targeted Windows computers. It encrypted the users’ data and asked for a ransom to decrypt it all, and is propagated via an exploit of older versions of the operating system called EternalBlue.
Ransomware affected both individual people and collectives, in the form of governmental agencies, enterprises and non-profit organizations. And while there still isn’t a 100% adequate protection against it, there are things you can do to be more careful and avoid being the newest victim of crypto and cyber attacks.
Ransomware is, therefore, software that blocks programs and routes of access to crucial files, documents, pictures, videos or network. Not only can they restrict access to the owner of these things, but in some cases, these criminals threaten to delete them unless they receive their money permanently.
The most widely known Ransomware attacks have been the WannaCry, CryptoLocker, and Cryptowall. They are notorious for accessing your files if you recklessly download email attachments or if you open pop-ups.
Reasons why you should never pay a hacker’s ransom
It might be a farce!
Ok, so far we know that ransomware is a software developed with the intention of locking up specific files and data from your system and if you don’t pay an established ransom, you will not gain access to them. However, most of the victims are naïve Internet users that give up after the first threat or warning. Without them knowing, their digital resources may not be even blocked at all! Sometimes, hackers send messages with false claims of them being Ransomware victims, and people bite and provide the money without needing to do it.
Attackers will probably demand additional ransom
Imagine that the hacker’s claim that he has your access locked is true. Ok, you may think that now is the time to pay. But why? Do you have any guarantees that, after you make the transfer, they won’t ask twice as much and trick you again? These are criminals; they shouldn’t be trusted at all!
If they lock your data and receive the payment they initially asked for, they can unlock a tiny bit of your information and ask for more; that is if you want to regain access to your full resources, of course. You keep paying, but they will continue to toy with you.
There are n guarantees on getting your data back
If you don’t know whether you will be asked for more money or not after you provide the requested payment, how on Earth could you be sure that you will get your data back? Again, there are no guarantees with these criminals, so the best option is not to pay them at all. Paying them and putting your trust on them to give your stuff back can be a futile attempt. They would walk away as winners, having made money out of your naivety. If you negotiate with the enemy and make concessions, you are putting yourself in extremely vulnerable positions for the future.
Authorities strongly advise against it, and with valid reasons
The Federal Bureau of Investigations (FBI) for example, strongly recommend not to pay ransomware developers and headmasters, because it would mean that the activity found success and it would open up the possibilities for increased attacks in the future.
Not only authorities and law enforcement agencies advice not to pay any ransoms, but also cybersecurity experts do. It would make things worse, as they will be encouraged to keep doing it.
The ransoms are going up
In 2016, according to Symantec, the average amount paid per bribe was close to 300 dollars, but they think that, by the end of 2018, the number will increase to almost $1,100. If you pay a ransom to a hacker, and your neighbor does too, and more and more people make the same mistake, they will see the business as a goldmine and, knowing that people will go crazy and pay any amount they suggest, will increase the figure.
Some infections do not even encrypt your data
While Ransomware attacks typically encrypt the users’ data and files, thus preventing them from accessing it, there have been numerous cases in which the offense does not encode anything, and finding a quick solution is plausible.
Encrypting ransomware is extremely troublesome, as you need to decrypt keys to regain access to your digital assets. Non-encrypting cases often require just the help of system restores or anti-malware software.
You can have access to decrypt keys
For those Ransomware cases that involve data encryption, you need a decrypt key to regain access to your files. Some cybersecurity experts can crack the encryption because there are hackers who make mistakes in their advances, or police officers access their computers and restore the keys. Anyway, you may have available keys for some of these attacks:
- BTCWare
- Crysis
- Chimera
- Jigsaw
- Rakhni
- Ronnoh
- Shade
- TelsaCrypt
- WannaCry (CWRY)
- Wildfire
- Xorbat
You can Google decrypt keys by typing the name of your ransomware; that is if you know it
It funds illegal activities
Would you support a child pornography agency? What about the hacking activity? Dog fighting? No? That’s what we thought. You don’t want to provide any payment to those activities because they are criminal, frowned upon and ethically condemned. The same happens with ransomware: paying a ransom would be encouraging the act for the future; and not only that but also, you would be helping fund it.
VPN and Ransomware protection
One helping hand in the battle against Ransomware is VPN. Virtual Private Networks, as they are known by their full name, are online resources that use encryption protocols and technologies to hide the users’ data, traffic, and IP address to be less visible to hackers, viruses, governmental surveillance, and every other external agent out there.
A quality VPN like TorGuard can protect you from Ransomware by having a list of suspicious addresses. These tools provide anonymity, security, and privacy: if a hacker can’t see you online, then the odds are against you being the latest victim of ransomware.
VPNs are especially helpful on public networks and Wi-Fi hotspots, which are incredibly dangerous places to connect because ransomware developers tend to target vulnerable users to download an email attachment and click on pop-ups.
You should know that VPNs can make you less prone to be the target of a Ransomware infection, but you are still not 100% protected. To be adequately protected, you need to combine a VPN, antivirus software and some of the measures we are about to tell you.
The right way to deal with ransom cyber attacks
Since paying the ransom should be your last option, there has to be something you can do to avoid suffering cyber attacks or to get out of one if you have been a victim of these shady people’s acts.
For prevention, we recommend you to stay away from unknown email attachments at all costs and do the same with pop-ups. It doesn’t matter if you see them on pages you usually visit: don’t click on them!
Also, you can combine anti-malware software with a VPN. Those two tools can work together in lowering the chances of you getting infected with any ransomware attack. Protect your system and your privacy while you can.
For corrective acts, once you have contracted the infection, remember not to pay the ransom. Continually back up your data in external drives or cloud services, use recovery solutions, and, in extreme cases, contact the authorities.
