What is ransomware and how to remove it?

New call-to-action

Ransomware is malicious software, created by hackers, that infects computers and usually either blocks access to certain files or can lock users out of their entire device. Hackers will request a ransomware payment for victims to regain access.

Ransomware is not a new concept, but attacks are becoming more frequent. One of the most high profile UK cases being the 2017 WannaCry cyber-attack on the NHS. 

 

Different types of ransomware

While there are countless strains of ransomware, they typically fall into two different types:

  • Crypto ransomware

Crypto ransomware encrypts the victims’ valuable files on their computer so they cannot access certain files. Hackers will use these encrypted files as leverage for payments, usually requesting the owners pay a ransom to recover their files.

Examples: CryptoLocker, Jigsaw, CryptoWall

  • Locker ransomware

Locker ransomware locks the victim out of their entire device. With zero access to their devices, this attack is particularly malicious and will usually result in the victim paying the ransom.

Examples: WannaCry, Locky

Ransomware attacks are carried out in many different forms. One of the most common is phishing – phishing comes in the form of email, usually from a trusted source containing attachments. Once opened, the hackers will use this to access the victim’s system.

 

Who will be a target?

Large or small, public, or private, any business can be victim to a ransomware attack. Hackers will target companies for a variety of different reasons including:

  • If the hacker finds weakness in the security system and exploits this
  • If the company will more than likely pay out to the ransom
  • If the company has sensitive information or data sets that the hacker knows the victim will not want leaked

How to get rid of ransomware

Ransomware attacks can be scary, many businesses pay the ransom just to make the problem go away – but giving into the hacker’s demands doesn’t necessarily mean you will regain access to your files or system. To remove ransomware:

  • Enlist the help of a security/IT Specialist
  • Install antimalware software
  • Using anti-virus, scan your computer to find the ransomware programme

 

How can I protect myself again ransomware?

Ransomware may attack devices that have not updated their systems, but ransomware can also rely on human error to catch a victim. It's essential to ensure that you apply security best practices to minimise your risk of falling victim to ransomware:

  • Use a cyber security system that includes a Firewall and operates in real-time
  • Filter emails to avoid clicking on a potentially dangerous email or link
  • Limit company access to confidential or sensitive information
  • Create secure backups and test on a regular basis
  • Do not install software or give it administrative privileges unless you are 100% sure it’s legitimate.
  • Ensure everyone in the company is aware of what to do if they think they may have clicked on a potentially malicious site or link
  • Provide mandatory company training to create awareness of ransomware and best practices when working online.
Back to Blog

Related Articles

What is social engineering? And how to avoid it

Phishing, Baiting, and spear phishing are terms that we all have probably heard of, and we know to...

Are your backups protecting you against ransomware?

Ransomware is malicious software, created by hackers, that takes over your computer and displays...

How to avoid an HSE style cyber attack

Last week the HSE unfortunately fell victim to a cyber security ransomware attack which has...