The new scam pulled off by hackers is called ransomware and it’s just what it sounds: the hacker uses a malware sent to you via email in order to block you out of your computer, until a certain amount if money is paid. While the thousands of attacks on personal computers only appear in the FBI files, the attacks conducted on public establishments make the headlines. The Congress banned YahooMail, fearing ransomware, while a police department was attacked, along with a church, schools and medical centers. In the latter, the hackers asked for a ransom of $17,000 aka 40 bitcoins, to return the encypted files to the medical center.
Hackers are making millions of dollars out of ransomware and according to the forecasts, they are only going to make more in the future, as experts foresee a raise in the number of cyber-attacks. The technology advancements allow hackers to hide themselves while asking for money from millions of people. Even FBI advises people to pay the ransom, so you need to update your computer protection in order to decrease the risk of becoming a victim of the ransomware hackers.
How can you protect yourself from ransomware
The most common way to prevent ransomware and having to buy back your files from hackers is to have a backup of all your files. However, for many people and companies, it’s the downtime that is critical for their work, so this method might not fit you. Luckily, big companies are researching new methods to keep hackers away. One of these methods is detecting the behavior of a ransomware attack.
Right now, antivirus software is based on signatures, but with new ransomware programs being developed every hour, this system no longer works. The new approach is based on the detection of the ransomware steps, instead of signatures. All ransomware attacks share the same step by step algorithm, which can be detected and killed, the target files being quarantined.
No detection prevention
Another new approach to the prevention of ransomware attacks is working with the malware’s own features, which prevent it from being detected by antivirus software. The ransomware stays in a sleeping state during the analyses of the antivirus, only becoming active after it’s out of the sandbox. The new method of prevention tricks the ransomware and makes it believe it’s always in the sandbox, thus it never becomes active. This method of prevention allows the antivirus to prevent ransomware attacks without even having to detect them in the first place.
A complex approach
At the same time, some specialists in cyber-safety agree that some ransomware software is going to pass through the antivirus protection, so they focus on minimizing the losses of these attacks. This is part of a complex approach to ransomware, which aims to use both technologies and humans in the prevention, detection and protection against malware. The promoters of this method say that one can’t rely on simply one method, such as sandboxing, to keep the computer safe. Thus, they promote a complex approach, on multiple steps and levels, which could reduce the risk of infection to the minimum.