Ransomware – What is it?

Ransomware deserves more concern than other types of malware. If a computer is configured the right way, it will not suffer as badly as it otherwise could. But if it is not, and your computer contracts this type of software, you will face something that most people fear.

Ransomware gets its name from what it does to the user. If they are infected with it, all of their documents, pictures and downloads, as well as other types of files, get encrypted. This encryption is not known to have been cracked at this point, which unfortunately leads technicians to conclude that your files can't be recovered without paying an absurd price to get the software from its source.

Now, as a company, we have encountered this a few times because of the overall rarity of it. But we have recovered files for all of our clients every time. While this is not always a likely case for any and all clients in the future, it is possible to recover the files entirely. In the past cases where this occurred, we recovered to only a couple of hours prior to the ransomware strike, but also to about a week prior. It's all relative to the recovery point that we were able to access. The recovery points of computers also store shadow copies of the files, which can be used for recovery with other software.

Using that window will allow you to recover documents regularly. Through the use of other software, we can access the shadow copies that are available to recover documents, pictures, videos, etc. But ransomware has been known to wipe out those too.
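To see how far back that window reaches on a given Windows machine, the PowerShell below is an added example (not a tool we use or ship) that lists the shadow copies on each fixed volume and flags volumes with none or only old ones. The function name `Get-ShadowCopyWindow` and the 7-day threshold are assumptions chosen for illustration.

```powershell
# Added example: report the recovery window that shadow copies give each fixed volume.
# Run from an elevated PowerShell prompt; querying Win32_ShadowCopy needs administrator rights.
function Get-ShadowCopyWindow {
    param(
        [int]$MaxAgeDays = 7   # assumed threshold for "stale", adjust to your own backup policy
    )

    $now     = Get-Date
    $copies  = @(Get-CimInstance -ClassName Win32_ShadowCopy -ErrorAction Stop)
    $volumes = @(Get-CimInstance -ClassName Win32_Volume -Filter 'DriveType = 3')

    foreach ($vol in $volumes) {
        # Volumes without a drive letter are reported by their mount or GUID path.
        $label = if ($vol.DriveLetter) { $vol.DriveLetter } else { $vol.Name }

        # A shadow copy's VolumeName matches the DeviceID of the volume it was taken from.
        $mine = @($copies |
            Where-Object { $_.VolumeName -eq $vol.DeviceID } |
            Sort-Object -Property InstallDate)

        if ($mine.Count -eq 0) {
            [pscustomobject]@{
                Volume = $label; Copies = 0; Oldest = $null; Newest = $null
                NewestAgeDays = $null; Status = 'NO RECOVERY POINT'
            }
            continue
        }

        $oldest = $mine[0].InstallDate
        $newest = $mine[-1].InstallDate
        $age    = [math]::Round(($now - $newest).TotalDays, 1)

        [pscustomobject]@{
            Volume        = $label
            Copies        = $mine.Count
            Oldest        = $oldest
            Newest        = $newest
            NewestAgeDays = $age
            Status        = if ($age -le $MaxAgeDays) { 'OK' } else { 'STALE' }
        }
    }
}

Get-ShadowCopyWindow | Format-Table -AutoSize
```

The `Oldest` and `Newest` columns are the two ends of the window you could recover to; a volume marked `NO RECOVERY POINT` has no window at all.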

By design, they want you to pay the ransom for the files. The makers of the product will allow you to test it with 1 file that is at most 2 MB (2048 KB) in size to show you that they can recover the data. As mentioned earlier, the price is steep: anywhere from $500 to $1000+ to get you the data. And it's done through Bitcoin instead of using a credit card directly. That digital currency model is the only way to get the files back.

Now for the question that has been going on in your head: "How do I contract this?" Very simple. Generally it's contracted via an email from a fake UPS or other shipping company. The email carries an attachment that you download and open. It then spreads through the system and runs the encryption. If you shut down the machine fast enough by pulling the plug or pushing the power button, very little will be encrypted. If a file is left open at the time of the encryption, it won't be encrypted.

As with all viruses or malware, if it's too new, it will get past most if not all programs designed to protect the system. So use caution when opening attachments.
