Ransomware.
Even
the
name
sounds
scary.
When
you
get
down
to
it,
ransomware
is
one
of
the
nastiest
attacks
a
hacker
can
wage.
They
target
some
of
our
most
important
and
precious
things—our
files,
our
photos,
and
our
information
stored
on
our
devices.
Think
about
suddenly
losing
access
to
all
of
them
and
being
forced
to
pay
a
ransom
to
get
access
back.
Worse
yet,
paying
the
ransom
is
no
guarantee
the
hacker
will
return
them.
That’s
what
a
ransomware
attack
does.
Broadly
speaking,
it’s
a
type
of
malware
that
infects
a
network
or
a
device
and
then
typically
encrypts
the
files,
data,
and
apps
stored
on
it,
digitally
scrambling
them
so
the
proper
owners
can’t
access
them.
Only
a
digital
key
can
unlock
them—one
that
the
hacker
holds.
Nasty
for
sure,
yet
you
can
take
several
steps
that
can
greatly
reduce
the
risk
of
it
happening
to
you.
Our
recently
published
Ransomware
Security
Guide
breaks
them
down
for
you,
and
in
this
blog
we’ll
look
at
a
few
reasons
why
ransomware
protection
is
so
vital.
How
bad
is
ransomware,
really?
The
short
answer
is
pretty
bad—to
the
tune
of
billions
of
dollars
stolen
from
victims
each
year.
Ransomware
targets
people
and
their
families
just
as
explained
above.
Yet
it
also
targets
large
organizations,
governments,
and
even
companies
that
run
critical
stretches
of
energy
infrastructure
and
the
food
supply
chain.
Accordingly,
the
ransom
amounts
for
these
victims
climb
into
the
millions
of
dollars.
A
few
recent
cases
of
large-scale
ransomware
attacks
include:
-
JBS
Foods,
May
2021
–
Organized
ransomware
attackers
targeted
JBS’s
North
American
and
Australian
meat
processing
plants,
which
disrupted
the
distribution
of
food
to
supermarkets
and
restaurants.
Fearing
further
disruption,
the
company
paid
more
than
$11
million
worth
of
Bitcoin
to
the
hacking
group
responsible.
-
Colonial
Pipeline,
May
2021
–
In
an
attack
that
made
major
headlines,
a
ransomware
attack
shut
down
5,500
miles
of
pipeline
along
the
east
coast
of
the
U.S.
Hackers
compromised
the
network
with
an
older
password
found
on
the
dark
web,
letting
the
hackers
inject
their
malware
into
Colonial’s
systems.
The
pipeline
operator
said
they
paid
nearly
$4.5
million
to
the
hackers
responsible,
some
of
which
was
recovered
by
U.S.
law
enforcement. -
Kaseya,
July
2021
–
As
many
as
1,500
companies
had
their
data
encrypted
by
a
ransomware
attack
that
followed
an
initial
ransomware
attack
on
Kaseya,
a
company
that
provides
IT
solutions
to
other
companies.
Once
the
ransomware
infiltrated
Kaseya’s
systems,
it
quickly
spread
to
Kaseya’s
customers.
Rather
than
pay
the
ransom,
Kaseya’
co-operated
with
U.S.
federal
law
enforcement
and
soon
obtained
a
decryption
key
that
could
restore
any
data
encrypted
in
the
attack.
Who’s
behind
such
attacks?
Given
the
scope
and
scale
of
them,
it’s
often
organized
hacking
groups.
Put
simply,
these
are
big
heists.
It
demands
expertise
to
pull
them
off,
not
to
mention
further
expertise
to
transfer
large
sums
of
cryptocurrency
in
ways
that
cover
the
hackers’
tracks.
As
for
ransomware
attacks
on
people
and
their
families,
the
individual
dollar
amounts
of
an
attack
are
far
lower,
typically
in
the
hundreds
of
dollars.
Again,
the
culprits
behind
them
may
be
large
hacking
groups
that
cast
a
wider
net
for
individual
victims,
where
hundreds
of
successful
attacks
at
hundreds
of
dollars
each
quickly
add
up.
One
example:
a
hacker
group
that
posed
as
a
government
agency
and
as
a
major
retailer,
which
mailed
out
thousands
of
USB
drives
infected
with
malware.
Other
ransomware
hackers
who
target
people
and
families
are
far
less
sophisticated.
Small-time
hackers
and
hacking
groups
can
find
the
tools
they
need
to
conduct
such
attacks
by
shopping
on
the
dark
web,
where
ransomware
is
available
for
sale
or
for
lease
as
a
service
(Ransomware
as
a
Service,
or
RaaS).
In
effect,
near-amateur
hackers
can
grab
a
ready-to-deploy
attack
right
off
the
shelf.
Taken
together,
hackers
will
level
a
ransomware
attack
at
practically
anyone
or
any
organization—making
it
everyone’s
concern.
How
does
ransomware
end
up
on
computers
and
phones?
Hackers
have
several
ways
of
getting
ransomware
onto
one
of
your
devices.
Like
any
other
type
of
malware,
it
can
infect
your
device
via
a
phishing
link
or
a
bogus
attachment.
It
can
also
end
up
there
by
downloading
apps
from
questionable
app
stores,
with
a
stolen
or
hacked
password,
or
through
an
outdated
device
or
network
router
with
poor
security
measures
in
place.
And
as
mentioned
above,
infected
storage
devices
provide
another
avenue.
Social
engineering
attacks
enter
the
mix
as
well,
where
the
hacker
poses
as
someone
the
victim
knows
and
gets
the
victim
to
either
download
malware
or
provide
the
hacker
access
to
an
otherwise
password-protected
device,
app,
or
network.
And
yes,
ransomware
can
end
up
on
smartphones
as
well.
Smartphone
ransomware
can
encrypt
files,
photos,
and
the
like
on
a
smartphone,
just
as
it
can
on
computers
and
networks.
Yet
other
forms
of
mobile
ransomware
don’t
have
to
encrypt
data
to
make
the
phone
unusable.
The
“Lockerpin”
ransomware
that
has
struck
some
Android
devices
in
the
past
would
change
the
PIN
number
that
locked
the
phone.
Other
forms
of
lock
screen
ransomware
would
simply
paste
a
warning
over
the
home
screen
with
a
“pay
up,
or
else”
message.
Still,
ransomware
isn’t
as
prevalent
on
smartphones
as
it
is
on
computers,
and
there
are
several
reasons
why.
For
the
most
part,
smartphone
ransomware
relies
on
people
downloading
malicious
apps
from
app
stores.
Both
Google
Play
and
Apple’s
App
Store
both
do
their
part
to
keep
their
virtual
shelves
free
of
malware-laden
apps
with
a
thorough
submission
process,
as
reported
by
Google
and
Apple.
Yet,
bad
actors
find
ways
to
sneak
malware
into
the
stores.
Sometimes
they
upload
an
app
that’s
initially
clean
and
then
push
the
malware
to
users
as
part
of
an
update.
Other
times,
they’ll
embed
the
malicious
code
so
that
it
only
triggers
once
it’s
run
in
certain
countries.
They
will
also
encrypt
malicious
code
in
the
app
that
they
submit,
which
can
make
it
difficult
for
reviewers
to
sniff
out.
Further,
Android
allows
users
to
download
apps
from
third-party
app
stores
that
may
or
may
not
have
a
thorough
app
submission
process
in
place,
which
can
make
them
more
susceptible
to
hosting
malicious
apps.
Moreover,
some
third-party
app
stores
are
actually
fronts
for
organized
cybercrime
gangs,
built
specifically
to
distribute
malware.
Basic
steps
to
protect
yourself
from
a
ransomware
attack.
First,
back
up
your
data
and
files.
The
people
behind
these
attacks
play
on
one
of
your
greatest
fears—that
those
important
and
precious
things
on
your
device
might
be
gone
forever.
Yet
with
a
backup,
you
have
little
to
fear.
You
can
simply
restore
any
data
and
files
that
may
have
come
under
attack.
Consider
using
a
reputable
cloud
storage
service
that
you
protect
with
a
strong,
unique
password.
Similarly,
you
can
back
up
your
data
locally
on
an
external
drive
that
you
keep
disconnected
from
your
network
and
stored
in
a
secure
location.
So
while
a
backup
won’t
prevent
an
attack,
it
can
most
certainly
minimize
any
threat
or
damage
from
one.
Be
careful
of
what
you
click.
Ransomware
attackers
use
phishing
emails,
bogus
direct
messages
in
social
media,
and
texts
to
help
install
malware
on
your
device.
Many
of
these
messages
can
look
quite
legitimate,
like
they’re
coming
from
a
brand
you
know,
a
financial
institution,
or
even
the
government.
The
links
embedded
in
those
messages
will
take
you
to
some
form
of
malicious
website
where
you’re
prompted
to
download
a
phony
file
or
form—which
is
actually
malware.
Similarly,
some
phishing
emails
will
simply
send
malware
to
the
recipient
in
the
form
of
a
malicious
attachment
that
masquerades
as
a
legitimate
document
like
an
invoice,
spreadsheet,
or
shipping
notice.
Use
online
protection
software.
This
provides
your
first
line
of
defense.
Online
protection
software
includes
several
features
that
can
stop
a
ransomware
attack
before
it
takes
root:
-
Safe
surfing
features
that
warn
you
of
malicious
downloads,
attachments,
and
websites. -
Strong
antivirus
that
spots
and
neutralizes
the
latest
malware
threats
with
the
latest
antivirus
technologies. -
Vulnerability
scanners
that
help
keep
your
device
and
its
apps
up
to
date
with
the
latest
security
measures. -
A
firewall
that
helps
prevent
intruders
from
accessing
the
devices
on
your
network—and
the
files
on
them.
Yet
more
ways
you
can
prevent
ransomware
attacks.
That
list
is
just
for
starters.
Our
Ransomware
Security
Guide
goes
even
deeper
on
the
topic.
It
gets
into
the
details
of
what
ransomware
looks
like
and
how
it
works,
followed
by
the
straightforward
things
you
can
do
to
prevent
it,
along
with
the
steps
to
take
if
the
unfortunate
ends
up
happening
to
you
or
someone
you
know.
Ransomware
is
one
of
the
nastiest
attacks
going,
because
it
targets
our
files,
photos,
and
information,
things
we
don’t
know
where
we’d
be
without.
Yet
it’s
good
to
know
you
can
indeed
lower
your
risk
with
a
few
relatively
steps.
Once
you
have
them
in
place,
chances
are
a
good
feeling
will
come
over
you,
the
one
that
comes
with
knowing
you’ve
protected
what’s
precious
and
important
to
you.