What is Ransomware?
Ransomware is a type of malicious software (malware) that prevents you from using your computer until you pay a ransom. The malware can prevent you from using your computer in a number of ways, recently the most popular way is to encrypt your files. This type of ransomware is sometimes referred to as crypto-ransomware and is primarily the type of ransomware what this document covers.
What is encryption?
Encryption is the encoding of a file so it cannot be read without a key to decrypt. Encryption is used every time you make an online purchase to keep your information safe. When used as part of ransomware it can prevent you from accessing your files. At this time there is no way to decrypt the files without the key.
What computers are at risk?
At this time ransomware is primarily targeted at Windows operating systems however this type of malware can be designed to run on Macs, Linux, and mobile devices such as Androids and iPhones.
What does it do?
Crypto-ransomware will encrypt files with common extensions such as .doc, .docx, .mov, .xls, .xlsx, .pdf, .bmp, etc. This malware can do this to any drive attached to your computer as well as network shares and in some cases cloud storage solutions such as Drop Box or Microsoft’s One Drive.
How would I get infected?
The two most common vectors for infection are opening and running an infected email attachment and drive by downloads. A drive by download occurs when you visit a compromised website and it downloads and runs the malware on your computer without your knowledge.
How can I prevent infection on my home computer?
- Ensure that your operating system is patched with the latest security patches. Install antivirus software and make sure it is up to date.
- Keep any software installed on your computer up to date.
- Do not open email attachments unless you know who they were from and you have confirmed they sent you an attachment.
- Do not click on suspicious links in emails as these may lead to a compromised website