Ransomware, it’s everywhere. We had hoped that the notorious file-encrypting ransomware called CryptoLocker was defeated after law enforcement knocked out its infrastructure last year, but CryptoLocker and its close cousin CryptoWall have come back stronger than ever.
Ransomware is malware that prevents you from using your files or your computer, and then extorts money from you in exchange for a promise to unlock them.
We’d like to show you more about the newest kinds of ransomware, how they work, and what you as an organization or individual can do to stay safe.
Ransomware: a brief history
Ransomware and fake-antivirus have been around for many years, relying on social engineering to trick computer users into paying the cybercriminals, so their phony warnings claim, to avoid fines from police for supposed crimes, or to clean up “viruses” on their computers that don’t actually exist.
But CryptoLocker and CryptoWall – variations of the malware we sometimes call crypto-ransomware or cryptoware – don’t bother with that sort of trickery. The attackers tell victims up-front that their files have been encrypted by the crooks. Unless you pay for the encryption key held by the attackers, the crooks destroy the private encryption key, making it impossible to recover your files.
How it works
A ransomware attack goes through five stages from the time it installs on your computer to the appearance of the ransom warning on your screen. You can download our step-by-step infographic to learn about the stages of an attack, and get tips on staying safe.