The Growing Ransomware Threat: What you need to know

As regular computer users, we hear it time and time again, and probably repeat it to ourselves fairly often when working: Do not open suspicious emails. Do not download unsolicited attachments. Stay clear of untrusted websites.

No matter how often you hear these tips and put them into use, it’s still very possible that either you or somebody on your network falls victim to the various techniques used by ransomware hackers to infect your computer and encrypt all of your data. Once encrypted, hackers then give you a choice: either pay the ransom or lose all of your files, forever.

How you may be targeted

Being aware of how these cyber criminals hijack your data is a critical first step to preventing ransomware attacks. Typically computers are infected via a phishing attack, which aims to persuade victims to open malicious attachments through an email that appears to be legitimate. However, hackers are also beginning to target websites through vulnerabilities in the code hosting the site in order to gain access to the underlying operating system.

The most common technique used by hackers is remote command injection, where they seek to execute arbitrary commands on the host operating system via a vulnerable application, operating system vulnerabilities, web server vulnerabilities, or vulnerabilities in website plugins or extensions, with the end goal of downloading and executing the malicious code.

Look out! A new type of ransomware is on the rise

Traditional ransomware programs require the infected computer to communicate back to the attacker’s’ servers, which generate unique encryption keys for all infected computers. However, the hackers behind the notorious Locky ransomware have updated their previous version, allowing them to attack even if the infected computer is offline or if a firewall is in place to prevent communication between the infected computer and the attacker’s servers.

Locky then renames all files to give them a .locky extension after it scrambles and encrypts them, and only the criminals have the decryption key. Once again, you can only decrypt these files once the ransom is paid. According to a blog post by security firm F-Secure, there have been two massive email spam campaigns distributing Locky on such a large scale that it’s reaching more than 120,000 spam hits per hour, more than 200 times the amount on a normal day.

How IDrive can help

No matter where you look, the best defense against ransomware attacks is a viable backup solution. With IDrive, if hackers are successful in locking your files, you can just do a simple restore and pick up where you left off, without paying the overwhelming fees and enabling these criminals to continue their attacks.

Over the course of a year, the average fee these hackers have tried to extort from victims has more than doubled from $294 to $679, so with the ransom cost rising and the threat becoming more and more prevalent, now is a great time to sign up for IDrive so you can stay relaxed knowing that your data is safe in the face of any cyber threats.