Share48
Tweet
Pin
Share
48 Shares

Updated on by

SCARS|RSN™ Cybersecurity Guide: Protecting Against Ransomware

All about ransomware

Ever wondered what all the ransomware fuss is about? You’ve heard about it at the office or read about it in the news. Maybe you’ve got a pop-up on your computer screen right now warning of a ransomware infection. Well, if you’re curious to learn all there is to know about ransomware, you’ve come to the right place. We’ll tell you about ransomware’s different forms, how you get it, where it came from, who it targets, and what to do to protect against it.

Ransom malware, or ransomware, is a type of malware that prevents users from accessing their system or personal files and demands a ransom payment in order to regain access. The earliest variants of ransomware were developed in the late 1980s, and payment was to be sent via snail mail. Today, ransomware authors order that payment be sent via cryptocurrency or credit card.

SCARS|RSN Content Table of Contents hide
1 SCARS|RSN™ Cybersecurity Guide: Protecting Against Ransomware
1.1 All about ransomware
1.2 What Is Ransomware?
1.3 How Does Ransomware Work?
1.4 How Is Ransomware Delivered?
1.5 What Can You Do To Protect My Data And Networks?
1.6 What Can You Do To Prevent Ransomware Infections?
1.7 How Do You Respond To A Ransomware Infection?
1.8 What Do You Do If My Computer Is Infected With Ransomware?
1.9 More Information About Ransomware
1.10 More Help
2 MORE INFORMATION
2.1 Tell us about your experiences with Romance Scammers in our Scams Discussion Forum on Facebook »
2.2 FAQ: How Do You Properly Report Scammers?
2.3 Please be sure to report all scammers HERE » or on www.Anyscam.com »
2.4 Legal Notices: 

What Is Ransomware?

Ransomware is a type of malware threat actors use to infect computers and encrypt computer files until a ransom is paid. After the initial infection, ransomware will attempt to spread to connected systems, including shared storage drives and other accessible computers.

If the threat actor’s ransom demands are not met (i.e., if the victim does not pay the ransom), the files or encrypted data will usually remain encrypted and unavailable to the victim. Even after a ransom has been paid to unlock encrypted files, threat actors will sometimes demand additional payments, delete a victim’s data, refuse to decrypt the data, or decline to provide a working decryption key to restore the victim’s access. The Federal Government does not support paying ransomware demands.

How Does Ransomware Work?

Ransomware identifies the drives on an infected system and begins to encrypt the files within each drive. Ransomware generally adds an extension to the encrypted files, such as .aaa, .micro, .encrypted, .ttt, .xyz, .zzz, .locky, .crypt, .cryptolocker, .vault, or .petya, to show that the files have been encrypted—the file extension used is unique to the ransomware type.

Once the ransomware has completed file encryption, it creates and displays a file or files containing instructions on how the victim can pay the ransom. If the victim pays the ransom, the threat actor may provide a cryptographic key that the victim can use to unlock the files, making them accessible.

How Is Ransomware Delivered?

Ransomware is commonly delivered through phishing emails or via “drive-by downloads.” Phishing emails often appear as though they have been sent from a legitimate organization or someone known to the victim and entice the user to click on a malicious link or open a malicious attachment. A “drive-by download” is a program that is automatically downloaded from the internet without the user’s