How do they work?
Ransomware is a type of malware that limits the victim’s access to the infected device and demands that they pay a ransom for the removal of the blockage. For example, some forms of ransomware lock the system and demand that the user pay for unlocking it; others encrypt the files and ask the victim to pay to have them unencrypted.
Signs of ransomware infection
Ransomware is usually spread by email or phishing. Organisations are therefore the ideal victims of this type of attack.
The recipient, unaware of the scam, opens the email and downloads the attachment or clicks on a link to a malicious website where the malware is hosted.
The computer and any connected backup units are infected and the data is encrypted. All personal or company information stored on the computer or the network will be compromised.
The attacker reveals their identity to the user, announcing the success of the attack through a pilot screen. The user is asked to pay a ransom in Bitcoin to have the PC unlocked.
The recipient often ends up paying the ransom to regain access to the PC. Otherwise, the files will be lost and the computer will be unusable.
What to do
Do not accept unsolicited files
Backup your files regularly
Always update your system and software
Beware of suspicious emails
Do not pay the ransom
It is crucial to always report any suspicious activity to the police, if you are an individual, or to the IT department of your company, if you are an employee, because a ransomware attack can quickly infect an entire network.