Ransomware – when your computer is encrypted

Internet Risks

The digital extortion business is booming. Ransomware – a combination of “ransom” and “malware” (malicious software) – is flourishing. Hardly a day goes by without a ransomware incident reported in the news. These reports mention companies, hospitals, organisations – but what about the private sphere? Are private individuals affected by ransomware too?

iBarry stands in front of the encrypted laptop

When ransomware infects a computer or network, it blocks access to the system (locker ransomware) or encrypts its data (crypto-ransomware). Cybercriminals then demand a ransom from their victims for unlocking the data. The amount usually has to be paid in a cryptocurrency such as Bitcoin, with correspondence usually carried out over the Darknet.

“The new generation” of ransomware players has no interest in discounts or lengthy negotiations. So when they encrypt the data they provide a deadline for ransom payment. If the ransom demand is not met, confidential data is published directly or destroyed.

How does ransomware work?

You can receive malware via an attachment in an email, a file download or on a falsified website purporting to be from a serious provider.

Once the malware is on your device, you no longer have access or a way of decrypting the data yourself. In some cases, your screen will suddenly go black and your device will no longer respond to mouse or keyboard inputs. A menacing text from the perpetrators then appears, threatening the deletion or disclosure of all data on the computer. The text usually contains the following features:

How to protect yourself against ransomware

To avoid having to remove ransomware from your computer in the first place, you should treat unknown files with care.

In the event of a ransomware attack, disconnect your computer from the internet and all attached storage media immediately to prevent further damage. In most malware cases, it is also a good idea to format the hard drive, set up the computer entirely from scratch and install the backup.

Report the cyber incident to the National Cyber Security Centre (NCSC).

«Never pay the ransom! »

While many individuals and companies are tempted to pay the ransom to regain control over their systems, this should only be a last resort and carried out in consultation with the police. Paying the ransom motivates the blackmailers and makes you an attractive target for further attacks.

Additional information