How to stay safe from ransomware, the malicious software holding your data hostage for cash

Computer Analyst Hacker Security Code
An analyst looks at code in the malware lab of a cyber security defense lab at the Idaho National Laboratory in Idaho Falls, Idaho September 29, 2011. REUTERS/Jim Urquhart

Ransomware is on the rise.

Advertisement

Cyber criminals have found they can make a good living by infecting computers with malicious software called "ransomware" — named for its sole function of encrypting data and holding it hostage in exchange for cash.

The FBI mentioned it as one of the "hot topics" in its annual internet crime report, with nearly 2,500 complaints of ransomware reported in 2015, amounting to $1.6 million in losses.

"Ransomware and crypto malware are rising at an alarming rate and show no signs of stopping," Raj Samani, European technology head for Intel Security, told the BBC.

Here's what you can do to protect yourself from it.

Advertisement

Researchers have seen an incredible 3500% increase in criminal infrastructure that helps run ransomware campaigns.

iceland data servers
Stringer/Reuters

Source: BBC

And it's pretty easy to see why. A recent report found that one Russian criminal boss was raking in $90,000 a year from such schemes.

Moscow
Ian Walton/Getty Images

Source: TI

Advertisement

Criminal gangs try to infect people's computers with software that will encrypt all their data under lock and key. Then they'll see a message like: "All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data."

cryptolocker ransomware
FBI

Source: US-CERT

Fortunately, there are plenty of ways to prevent the loss of your data, starting with conducting regular backups.

external hard drive
Shutterstock
Advertisement

Sure, backing up your files to an external hard drive might be annoying, but it would be worth it when you need it. Or you could save your most important files to cloud services like Dropbox.

Dropbox homepage
Hollis Johnson / Business Insider

So even if you are infected with ransomware, it won't matter, since all your important stuff is backed up in a safe place. And you'll keep your cash.

Money win happy lottery powerball
Caroline Moss/Shutterstock
Advertisement

Still, no one wants to be infected in the first place, and one of the easiest methods criminals use is through email phishing. You might get an email with a PDF or Word attachment from some unknown person...

hacker phishing emails
Matt Grandy, security consultant with Red Team Security, runs various commands on a system he is testing. Paul Szoldra/Tech Insider

...But once you open the file, it's all over. So be cautious with opening attachments from people you don't know.

Phishing Attachment
An example of a phishing email with an attachment SecurityMetrics
Advertisement
Advertisement

So you should also keep your operating system and software up-to-date, and use antivirus software.

Software Update
Business Insider

Though unfortunately there is no silver bullet. “There’s no one method or tool that will completely protect you or your organization from a ransomware attack,” Trainor said.

Hacker
REUTERS / Samantha Sais
Advertisement

If you are infected with ransomware, you should report it to the FBI's Internet Crime Complaint Center.

fbi concacaf fifa
FBI agents carry boxes from the offices of CONCACAF, the soccer federation that governs North America, Central America and the Caribbean, in Miami Beach, Florida May 27, 2015. Reuters

Source: IC3

And whether you pay the criminals to release your data is up to you, but the FBI and cyber professionals recommend against it, since there's no guarantee you'll get it back.

Mask Computer Hacking
A man wearing a Guy Fawkes mask surfs the web during a "Campus Party" Internet users gathering in Sao Paulo January 30, 2013. Reuters
Advertisement

And in the case of the Russian group tracked by a cybersecurity firm, the report found it often collected money without giving users a decryption key at all.

cyber
Man poses in front of on a display showing the word 'cyber' in binary code, in this picture illustration taken in Zenica December 27, 2014 Reuters

Source: TI

"Paying the ransom does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information," US-CERT says. "In addition, decrypting files does not mean the malware infection itself has been removed."

Hacker
Shutterstock

Source: US-CERT

Cybersecurity Security
Advertisement
Close icon Two crossed lines that form an 'X'. It indicates a way to close an interaction, or dismiss a notification.