What Is Ransomware? And What To Do When You’re a Victim

Computers around the world were locked up and users' files held for ransom in a cyberattack Tuesday that paralyzed some hospitals, government offices and major multinational corporations.

Here's a look at how malware and ransomware work and what people can do if they fall victim to attacks.

What Is Malware and Ransomware?

Malware is a general term that refers to software that's harmful to your computer, says John Villasenor, a professor at the University of California, Los Angeles. Ransomware is a type of malware that essentially takes over a computer and prevents users from accessing data on it until a ransom is paid, he says.

How Does Your Computer Become Infected with Ransomware?

In most cases, the software infects computers through links or attachments in malicious messages known as phishing emails.

"The age-old advice is to never click on a link in an email," says Jerome Segura, a senior malware intelligence researcher at Malwarebytes, a company based in San Jose, California, that has released anti-ransomware software. "The idea is to try to trick the victim into running a malicious piece of code."

The software usually is hidden within links or attachments in emails. Once the user clicks on the link or opens the document, their computer is infected and the software takes over.

But some of the major ransomware attacks recently, including last month's WannaCry and the one spreading Tuesday, borrowed leaked National Security Agency code that permits software to spread quickly within an organization's network.

How Ransomware Works

"Ransomware, like the name suggests, is when your files are held for ransom," says Peter Reiher, a UCLA professor who specializes in computer science and cybersecurity. "It finds all of your files and encrypts them and then leaves you a message. If you want to decrypt them, you have to pay."

The ransomware encrypts data on the computer using an encryption key...

Comments are closed.