How can a computer program steal and ransom anything?
Good question. Here is the ransom plan:
- Step 1: The attacker will deploy a malware program that will not delete the victim’s data, but will encrypt it.
- Step 2: The attacker will contact the victim with the terms. For instance, you get a message on the screen of your computer that says, “I will destroy one of your pictures, music, or documents every minute unless you send $120 via Western Union to this account…”
- Step 3: The victim pays the ransom or does not pay the ransom.
- Step 4: The attacker supplies the decryption key or does not supply the decryption key.
Ugh! Evil genius at work… but what does encryption really mean?
To understand how the attackers can make your data unavailable while still leaving it on your computer, you must understand the power of encryption. Encryption makes your data look like random static. Imagine your documents, pictures, music all turning into TV static (pre-digital days). The only way to reassemble these files is by applying the encryption key. It unscrambles everything.
Can’t I get some program to unscramble it for me… why would I have to pay the ransom fee?
Because encryption always wins. No matter how much stronger computers get and how many passwords they are able to try per second to break into someone’s encrypted files, the encryption gets exponentially more powerful. Anyone can go online and download TrueCrypt for free. With a sufficiently random and long encryption key (20 characters or more), the US Government will not be able to get into your files for at least the next quadrillion years with current technology.
So basically, unless I pay, I’ll loose my stuff. How can I avoid this horrible fate?
Right now, you can’t pay enough money for any automatic protection program to keep you completely safe from any malware threat. We have tested and researched antivirus software thoroughly. None of them are perfect but some are much better than others. We have recommendations on our website: https://www.quickfixgeek.com/more/how-to-protect-your-pc/. The only foolproof ways to surf safely are by using operating systems that are not under attack or by using virtualization.
The operating system Ubuntu works well, can be easily installed with their windows installer and will allow you to run a 2nd OS on your computer that is currently immune to malware: http://www.ubuntu.com/download/ubuntu/windows-installer
The program, Sandboxie, is my choice. It will stop you from getting hacked right in your current windows operating system… but it can be a pain in the neck if you don’t know how to use it: http://www.sandboxie.com/
This type of software has been around for a long time, but according to techrepublic.com it has recently “made a resurgence” due the the new, hard-to-trace internet payment methods available on the web today.