Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid. More modern ransomware families, encrypt certain file types on infected systems and forces users to pay the ransom through certain online payment methods to get a decrypt key.
Ransomware Infection and Behavior
Users may encounter this threat through a variety of means. Ransomware can be downloaded onto systems when unwitting users visit malicious or compromised websites. It can also arrive as a payload either dropped or downloaded by other malware. Some ransomware are known to be delivered as attachments from spammed email, downloaded from malicious pages through malvertisements, or dropped by exploit kits onto vulnerable systems.
Once executed in the system, ransomware can either lock the computer screen, or, in the case of crypto-ransomware, encrypt predetermined files.
In the first scenario, a full-screen image or notification is displayed on the infected system's screen, which prevents victims from using their system. This also shows the instructions on how users can pay for the ransom.
The second type of ransomware prevents access to potentially critical or valuable files like documents and spreadsheets.
Ransomware Prevention & Defense
There is no silver bullet when it comes to stopping ransomware, but a multi-layered approach that prevents it from reaching networks and systems is the best way to minimize the risk.
Follow these proven tips to avoid damage:
Avoid opening unverified emails or clicking links embedded in them.
Back up important files using the 3-2-1 rule—create 3 backup copies on 2 different media with 1 backup in a separate location.
Regularly update software, programs, and applications to protect against the latest vulnerabilities.
Finally, stay informed. One of the most common ways that computers are infected with ransomware is through social engineering. Educate yourself on how to detect phishing campaigns, suspicious websites, and other scams. And above all else, exercise common sense. If it seems suspect, it probably is.