Deep in the dark web, shadowy figures lurk behind cobwebbed walls… Eyes shifting from side to side as hackers roam, scanning the darkness for their next big mark…
The dark web is the playground of the technological crime bosses and of them all, none are quite so bad as ransomware. Ransomware might have been around for a while, but the gangland wars have started and there’s a new kid on the block: Locky.
Read on to find out what ransomware is, what you need to know about Locky, and how to protect yourself from an attack.
What is ransomware?
Ransomware is malicious software (“malware”) that infiltrates your computer and hijacks your files. Ransomware then scrambles and locks your files so you can’t access them unless you pay a ransom to get them back.
How do you get infected with ransomware?
Ransomware generally enters your system in the form of a Trojan, tricking the user into downloading it by pretending to be innocuous, interesting, or useful. Once downloaded, the ransomware will immediately restrict your file access.
What types of ransomware are there?
While there are numerous different ransomware Trojans out there, a few are notorious for how quickly they’ve spread. The four major ones are:
- Reveton
- CryptoLocker
- TorrentLocker
- Cryptowall
And there’s now a new kid on the block, unfortunately. Known as Locky, this new ransomware is spreading fast and is more mercenary than anything we’ve seen before.
Locky: Beware this new ransomware
Locky generally enters your system through email. If you open the attachment that comes with the email, you’ll see a page that looks like complete nonsense, along with a request to enable macros to resolve poor data coding.
If you do enable macros, the document is able to run code embedded by the hackers, allowing the Locky ransomware to download fully.
Once Locky is on your system, all your files will be scrambled and the file extensions changed to ‘.locky’. Locky is also able to scramble files from any other directories you can access from your computer, including removable drives, other networks, accessible servers and so on.
You’re then presented with a ransom note set as your wallpaper, explaining what’s happened and giving instructions on how to pay a Bitcoin ransom and unlock your files.
How do you protect yourself from ransomware?
Malware is one of those things you assume you could never fall for… until you do. These programs are insidious and the hackers who wield them are experts in the art of manipulation.
However, there are some important steps you should take as standard to protect yourself.
- Always back up! Store your backup in an offsite backup centre so you can be sure your files are protected in the case of PC infiltration. (Read more on backing up and recovering data).
- Don’t log in as domain administrator unless you need to. The more network shares you have access to at any one time, the more vulnerable your entire computer system is.
- Never enable macros if you’ve received a document via email. Don’t even download emailed documents unless you’re confident about the source. You can use a viewer application to look inside the document before downloading to check, if you’re unsure.
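One way to check an emailed attachment for macros without opening it in Office, as an added example that is not part of the original article. The function name, verdict strings and sample files are assumptions made for illustration, and the samples are constructed in memory rather than taken from real documents.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # legacy .doc/.xls container header
VBA_STREAM = "_VBA_PROJECT".encode("utf-16-le")  # OLE directory names are UTF-16LE


def macro_verdict(data: bytes) -> str:
    """Classify an attachment by its raw bytes, ignoring the file name."""
    if data.startswith(OLE_MAGIC):
        # Heuristic: a VBA project appears as a stream named _VBA_PROJECT.
        return "macros" if VBA_STREAM in data else "no-macros"
    if data.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = [n.lower() for n in zf.namelist()]
        except zipfile.BadZipFile:
            return "unreadable"  # truncated or corrupt archive: treat as suspect
        # Newer Office formats keep macros in a part called vbaProject.bin.
        if any(n.endswith("vbaproject.bin") for n in names):
            return "macros"
        return "no-macros"
    return "not-office"


def _ooxml(parts):
    """Build a constructed Office-style ZIP in memory (sample input only)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in parts:
            zf.writestr(name, b"constructed sample")
    return buf.getvalue()


# Constructed samples; none of these are real documents.
SAMPLES = {
    "invoice.docx": _ooxml(["[Content_Types].xml", "word/document.xml",
                            "word/vbaProject.bin"]),  # macro hidden behind .docx name
    "report.docx": _ooxml(["[Content_Types].xml", "word/document.xml"]),
    "scan.doc": OLE_MAGIC + b"\x00" * 504 + VBA_STREAM,
    "broken.docx": b"PK\x03\x04 cut short",
    "notes.txt": b"plain text",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name}: {macro_verdict(blob)}")
```

A "macros" or "unreadable" verdict on an unexpected attachment is a reason to leave it closed and check with the sender through another channel.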
And lastly…
Invest in a professional IT security service provider. IT is so fundamental to everything we do, in both a professional and a personal capacity, that it doesn’t make sense not to protect it.
Mike Hickson
LSA Systems