This
blog
post
was
written
by
Bruce
Snell.
This
past
weekend
I
was
at
a
local
roller
rink
where
my
kids
were
enjoying
their
first
time
on
skates.
While
I
watching
my
oldest
make
a
successful
lap
around
the
rink,
one
of
the
other
parents
came
up
and
asked
me,
“Hey,
you’re
in
security,
what’s
the
deal
with
ransomware?
Do
I
need
to
worry
about
it?”
I’ve
been
getting
a
number
of
questions
about
ransomware
lately,
but
I
have
to
admit
it
was
the
first
time
I
talked
about
security
while
listening
to
disco
blasting
at
a
roller
rink.
Since
I’ve
been
getting
so
many
questions
about
it
recently,
I
thought
it
might
be
a
good
time
to
share
some
general
information
about
the
topic
of
ransomware.
So
what
is
ransomware?
Ransomware
has
been
around
for
a
number
of
years,
with
the
first
known
version
dating
way
back
to
1989.
That’s
right,
the
decade
of
big
hair,
spandex,
leg
warmers
and
VHS
also
had
ransomware.
However,
ransomware
in
its
current
form
dates
back
to
around
2010.
It’s
this
type
ransomware
that
has
been
showing
up
across
PC’s,
smartphones
and
even
Macs
in
ever
increasing
numbers.
According
to
our
research
at
McAfee
Labs,
the
numbers
of
unique
types
of
ransomware
doubled
in
the
last
year!
It’s
a
huge
threat
that
impacts
not
only
businesses,
but
also
everyday
people
who
just
use
their
device
to
check
email
or
post
on
Facebook.
But
what
is
it?
Ransomware
is
malware
that
restricts
access
to
your
system
and
demands
that
you
pay
a
“ransom”
to
the
malware
author
in
order
to
regain
access.
There
are
two
primary
ways
this
is
accomplished.
The
first
way
is
by
locking
the
screen
and
not
allowing
access
until
the
ransom
is
paid.
This
type
of
malware
could
be
removed
with
a
little
bit
of
digging
around
and
cleaning,
but
typically
the
malware
authors
will
use
scare
tactics
to
make
people
pay.
A
common
method
is
to
craft
the
pop
up
to
look
like
it’s
from
some
sort
of
law
enforcement
agency
and
that
“illegal
content”
has
been
found
on
your
device.
What
people
need
to
keep
in
mind
is
that
if
a
law
enforcement
agency
found
illegal
content
on
your
system,
you’re
not
going
to
be
able
to
fix
the
situation
by
simply
paying
a
fine.
However,
cybercriminals
know
that
enough
people
will
be
spooked
by
this
and
pay
the
“fine”
to
avoid
potential
legal
issues.
The
nastier
version
of
ransomware
involves
encryption.
This
class
of
ransomware
(CryptoLocker
is
the
most
well-known
of
this
type)
will
search
through
the
target
system
and
look
for
files
that
are
most
likely
to
contain
valuable
data.
Typically
this
means
just
looking
for
Microsoft
Office
file
formats
as
well
as
PDFs
and
image
files.
The
ransomware
will
then
go
through
the
process
of
encrypting
each
of
those
files
with
an
encryption
key
to
make
them
unreadable
to
the
victim.
The
ransomware
will
then
create
a
pop
up
informing
the
victim
that
their
files
have
been
encrypted
and
they
must
pay
a
fee
within
a
short
period
of
time
or
the
decryption
key
will
be
destroyed
leaving
the
files
locked.
This
method
has
proven
very
successful
for
cybercriminals,
as
many
people
would
rather
lose
a
bit
of
money
instead
of
losing
their
personal
data.
It’s
a
completely
understandable
reaction
when
faced
with
the
loss
of
things
like
tax
records
or
pictures
from
your
most
recent
vacation.
Small
businesses
are
particularly
vulnerable
as
they
may
not
have
adequate
backups
of
customer
data
and
bookkeeping.
Unfortunately,
we
have
seen
times
when
the
decryption
key
doesn’t
work
and
people
still
lose
their
data
after
paying
the
ransom.
Cybercriminals
typically
don’t
offer
tech
support
or
refunds.
Ransomware
is
a
particularly
nasty
type
of
malware
and
while
some
ransomware
can
be
cleaned
out
by
someone
with
good
technical
know-how,
most
cannot.
If
your
system
is
infected
with
ransomware,
odds
are
that
you
will
not
be
able
to
recover
the
data
that
was
encrypted.
Ransomware
isn’t
just
for
PC
anymore
At
first,
ransomware
was
a
concern
only
for
computers
running
Windows.
In
2015,
we
saw
an
increase
in
mobile
ransomware
and
just
recently
ransomware
for
Macs.
Ransomware
is
now
something
that
everyone
has
to
think
about.
So
how
do
I
stay
safe?
To
stay
safe
against
ransomware,
you
need
to
keep
in
mind
that
at
the
core
ransomware
spreads
like
any
other
type
of
malware.
If
you
follow
safe
computing
practices
you
can
decrease
your
chance
of
getting
infected
with
ransomware.
-
Be
suspicious:
Cybercriminals
use
the
standard
tried
and
true
methods
for
spreading
ransomware,
so
take
extra
care
to
not
click
on
a
suspicious
link
or
attachment.
What
makes
it
suspicious?
Maybe
it’s
an
oddly
worded
email
pretending
to
be
your
bank
asking
for
more
information.
It
could
be
an
unexpected
attachment
from
someone
in
your
contact
list.
If
you
weren’t
expecting
someone
to
send
you
an
attachment,
call
or
text
them
to
double
check. -
Keep
your
system
updated:
Since
ransomware
starts
out
like
any
other
malware,
keeping
your
system
up
to
date
on
all
the
security,
operating
system
and
application
patches
will
go
a
long
way
in
preventing
a
ransomware
infection. -
Run
anti-virus
on
your
system:
While
the
two
steps
above
will
keep
a
lot
of
malware
out,
it
is
still
very
important
to
run
anti-virus
on
your
system
to
protect
against
new
exploits
that
aren’t
yet
fixed
by
an
update
or
attacks
like
drive
by
downloads.
The
cost
of
anti-virus
software
will
be
dramatically
less
than
what
cybercriminals
will
demand
in
ransom! -
Backup
to
the
cloud:
On
the
off
chance
ransomware
slips
past
the
protections
listed
above,
having
your
sensitive
information
backed
up
to
the
cloud
can
help
recover
without
paying
ransom.
It’s
important
to
use
backups
that
aren’t
just
drives
attached
to
your
computer,
as
most
ransomware
will
scan
attached
drives
as
well
for
files
to
encrypt.
Of
course,
you
do
want
to
make
sure
the
online
backup
service
you
use
offers
encryption
to
keep
your
data
safe
while
in
the
cloud.
Ransomware
is
a
serious
threat
that
has
been
growing
dramatically
over
the
past
year
but
with
a
combination
of
smart
surfing,
anti-virus
protection
and
updates
you
can
dramatically
reduce
your
risk
of
getting
caught
by
ransomware.
Stay
safe!