WIRED
Move over viruses, step aside worms: Ransomware has the spotlight and isn’t about to give it up. From taking down entire fuel pipelines to hijacking hospital networks, it’s the cyberattack du jour. Not only do you have the potentially disastrous consequences of being locked out of your most important files and systems, you also have to decide if you’re willing to pay cold, hard cash to get access to them again, if you even get access after paying.
That’s where the name comes from—ransomware attacks literally hold your data for ransom. There are a few variations on the theme, but it’s usually very recognizable. Malware is used to encrypt your files (in some cases even double-encrypt them) so they require a specific key to be unlocked. The damage can quickly spread across computers and networks. In some cases you might be locked out of your system completely, along with any other systems on the same network.
Ransomware isn’t particularly difficult to develop or deploy, and it’s profitable. While it started out as a problem for home users, it has now spread to become a problem for businesses, and several high-profile attacks have recently targeted government agencies and infrastructure companies. The threat is very real no matter who you are—so how do you protect against it?
Keeping ransomware off your computer isn’t actually much different from keeping any other kind of malware at bay, and very similar rules apply. A ransomware attack can’t happen without some access to your system, which is usually achieved through a rogue application—be cautious about downloading or opening any files from the web or your email if you’re not certain of their source.
Hackers now use a variety of social engineering techniques—such as spoofing an email that looks like it’s an urgent missive from your boss—to try and get you to install something you shouldn’t or to download files you think are attachments but aren’t. Think and think again before opening and running anything on your computer, especially if it arrives without warning.