Skip to main content

Ransomware is the new hot threat everyone is talking about; what do you need to know?

what is ransomware and should you be worried about it shutterstock 223094779
Image Credit: Shutterstock/Wk1003mike
You wake up one day, rub the sleep out of your eyes, and boot up your laptop. Expecting to see a Twitter feed or Facebook profile, instead you’re greeted with a big red image, demanding that if you don’t pay $200 to an unknown party in the next 24-hours, everything you know and love on your computer will be erased, and gone forever.

Welcome to the world of “ransomware,” the newest, hottest way that underground criminals are pulling cash from the pockets of innocent victims and using it to fund their clandestine operations. But what exactly is this ransomware stuff, and is there anything you can do to protect yourself against it?

A brief history of ransomeware

As antivirus vendors and security professionals continue to make headway against global malware campaigns on a daily basis, hackers have been looking for more inventive ways of keeping their revenue streams strong without relying on standard credit card fraud techniques.

The result of this effort has come in the form of new viruses like Cryptolocker, Cryptowall, and more recently, TeslaCrypt, which are all members of an increasingly popular family of infections known as “ransomware.” The earliest known version of ransomware, called CryptoLocker, first debuted on the scene around the tail end of 2013, and hit so hard the Internet barely had enough time to figure out what it was dealing with in the first place.

In what seemed like no more than a week, a flood of users were reporting that a new, unknown style of virus had locked down their hard drives, and was demanding a healthy ransom to return control of their most prized files and folders. By capitalizing on the relatively unknown nature of its infection style, ransomware was able to sweep through tens of thousands of computers in a matter of days, spreading through established botnets and infecting users via standard phishing links embedded in email attachments and untrustworthy downloads.

Locker17
Image used with permission by copyright holder

Despite trying system resets, flashing the BIOS, or installing new hard drives altogether, the only screen they would be able to see was the hacker’s flyer which told them how much they needed to pay to regain access, and how long they had left before the format bomb would eventually go off.

Worse, users started reporting that the hackers were making good on their word, and would remove CryptoLocker if the terms had been met in the allotted 24-hour period. This only encouraged more desperate and confused victims to pay the fee instead of looking for an alternative option, which in turn, fueled the spread among criminal organizations who spied a new, quick way to make an easy buck.

Unlike classical malware that installs keyloggers, backdoors, or trojans on a computer in the hopes that a user would eventually type in the details of a credit card or other personal information that could later be used or sold, CryptoLocker and its many subsequent variants offered a simple, and reliable revenue stream that the underground market could capitalize on to fund other, less-profitable operations.

Amounts demanded for the ransom would vary wildly depending on the criminal ring behind it, anywhere from $25 to $600, almost always paid either in Bitcoin, or sent through MoneyGram onto untraceable prepaid cards in Eastern European nations.

The threat goes mobile

Not soon after PCs were experiencing a torrent of total lockdowns, both mobile security firms and mobile phone owners were reporting that the threat had migrated onto select pieces of hardware running Google’s Android operating system, and even a few devices in the iOS ecosystem we subjected to similar attacks.

Mobile ransomware would work much the same as its bigger cousin, locking down a device entirely, with only a message being displayed that demanded an exorbitant sum be paid within a certain amount of time or the phone would be wiped clean.

Luckily, many of the victims of mobile attacks were relatively safe from harm, as most phones and tablets with Android or iOS automatically back up vital internal data like photos, contacts, notes or texts to cloud services every time the device is plugged in for a charge. Sure, they might have lost a couple songs stored on their SD cards, but other than that, the damage caused by mobile ransomware is significantly less pronounced than what we’ve seen on full-fledged PCs.

The solution…sort of

In this respect, there are two simple solutions to making sure you don’t become a target for ransomware, though it should be noted that one carries considerably more risk than the next.

The first is to simply wait to see if you get infected, and if so, hope that one of the major antivirus vendors have created a fix for your specific type of ransomware. What was once an un-defeatable beast of terrifying magnitude has since been wrangled into a much more manageable threat, and many of the top AV companies have provided fixes that you can download and fit on a USB stick to plug in when the ransom screen appears. With enough time to study the patterns and attack paths of ransomware, malware research groups have found several key tactics to penetrate its armor, which thankfully don’t trigger the self-destruct mechanism in the process.

That said, new types of ransomware (much like the malware it’s based off of), are being developed daily, and it’s nearly impossible for AV companies to account for every different style as they emerges in real time. If you happen to get caught in the web of a new ransomware, your chances of getting your data back unharmed are unfortunately slim to none, unless you give in to the hacker’s demands.

The second method of prevention is much more secure, and in our opinion, the only way to go when it comes to malware.

Back. Up. Everything.

At its core, ransomware exploits people’s unwillingness to back up their most precious data and files onto a separate hard drive that is completely disconnected from their main PC or network. By not creating separate carbon copies of their photo albums, music, programs, or documents, this type of malware can hold these folders hostage, and expect you to pay because it’s the only version you have in existence.

By backing up your operating system and all its contents to an air-gapped external hard drive every single day, you completely mitigate the risk of ransomware by circumventing the tool it uses to get you to pay up in the first place.

Imagine if a real live hacker came into your house at night, stole your computer, and then called you in the morning with demands to “pay up, or the PC gets it.” Little do they know, you had another identical computer waiting for just such an emergency in your closet. You could tell them to keep what they took, and just pull out the new tower and go about enjoying the rest of your day.

That’s the level of security from ransomware you can have as long as you remember to backup all of your data once a day, every day, and be sure to disconnect the drive when you’re done.

Alternatively, you can use a cloud storage solution or backup service to provide the same level of protection. This too will prevent you from becoming a victim of ransomware, and it’s often easier than backing up to a hard drive every day or week. On the downside, such services are much more expensive over time than a hard drive, so you pay for their convenience.

Conclusion

When ransomware first hit, it sent a shockwave through the security industry and claimed tens of thousands of computers as a result.

Since then, we’ve adapted. We’ve studied the tactics of the hackers, and maneuvered through their nonsense to create a system of users and protectors that are ready for whatever the underworld might have to throw our way.

Ransomware is still a problem, sure. Yes, it still claims tens of thousands of PCs, laptops, and mobile devices per year, but it’s not anywhere near the threat that it used to be, and its overall impact grows smaller by the day.

As long as you’re prepared, you can stay one step ahead of ransomware, and simply shake it off like a bad cold if it ever shows up on your doorstep uninvited.

Editors' Recommendations

Chris Stobing
Former Digital Trends Contributor
Self-proclaimed geek and nerd extraordinaire, Chris Stobing is a writer and blogger from the heart of Silicon Valley. Raised…
Grab this sleek Asus gaming laptop while it has a $450 discount
Cyberpunk 2077 running on the Asus ROG Zephyrus G14.

While there are a lot of excellent gaming laptops on the market, a lot of them tend to be pretty big and bulky, which makes sense since it's always nice to have a bigger screen to game on. Unfortunately, that does mean that those who prefer a smaller laptop don't get a lot of options, but luckily, the Asus ROG Zephyrus G14 is small and good enough for entry-to-mid-range gaming. If you've been looking for some great 14-inch laptops for gaming, then you'll be happy to know that the Zephyrus G14 is discounted heavily at Best Buy, all the way down to $1,150 from its original $1,500.

Why you should buy the ASUS ROG Zephyrus G14
Even though the Asus ROG Zephyrus G14 is quite small, Asus still manages to pack a respectable RTX 4060 under the hood, which is a really excellent GPU for high-refresh, high-settings 1080p gaming, and great for 2K resolutions with some compromises. Luckily, the screen runs a 2560 x 1440 resolution and can hit an impressive 165Hz refresh rate, which means that you can choose between prioritizing resolution, refresh, or graphical settings. It can also hit a whopping 500 nits of peak brightness, which essentially means you can use this everywhere, even with indirect sunlight, so it really adds to the portability.

Read more
Best Buy is selling this HP gaming laptop for just $550 today
HP Victus placed outside while displaying an attractive background.

Even though there has been a lot of progress when it comes to gaming laptops, they still tend to cost a lot of money, especially if you're on a tight budget and don't want to spend the thousands of dollars they usually cost. Luckily, HP has a great solution for you in the form of the HP Victus 15, which has a couple of solid low-budget configurations. For example, this configuration from Best Buy will let you net the Victus 15 for just $550, rather than the usual $880 it goes for, saving you a solid $330 in the process.

Why you should buy the HP Victus 15
It's worth noting from the start that this configuration of the HP Victus 15 is not that powerful, as it comes with an older RTX 3050 GPU under the hood. That's an entry-level GPU from the last generation, although that doesn't necessarily make it a bad choice, especially if you're mostly interested in free-to-play games like CS:GO and League of Legends. In fact, the 15.6-inch FHD screen can even hit a 144Hz refresh rate, which implies that it's made for these types of games that are older and well-optimized for budget GPUs so that you can play them a bit more competitively. That said, the screen can only hit 250 nits of peak brightness, so you'll want to keep it away from any sunlight or strong lighting when gaming.

Read more
This HP Omen pre-built gaming PC is $300 off in this Best Buy sale
hp omen 40l review 03

If you're looking for a gaming PC that isn't going to break the bank, there are a couple of solid options that don't include having to build a PC from scratch. For example, the HP Omen lineup of desktops has a lot of budget-friendly options, so if you're just starting out and don't want to spend a ton, you can grab certain configurations of the HP Omen 40L. Even better, there's a great deal from Best Buy right now that discounts the HP Omen 40L down to just $1,180 from the usual $1,480, which is a pretty great discounted price for what you're getting.

Why you should buy the HP Omen 40L
The beating heart of any gaming PC is the GPU, and in this configuration of HP Omen 40L, you get yourself an RTX 4060 Ti, which is a slight upgrade of the RTX 4060, and an excellent 1080p GPU. With it, you should easily be able to hit or surpass 100fps on ultra settings on most modern games, and if you want to go to 2K resolutions, you will have to make some compromises in refresh rate and graphics, but it should still be quite good. More importantly, you could always upgrade the GPU with one of these GPU deals down the line if you feel you need more power, which is one of the biggest benefits of a desktop.

Read more