Ransomware Defined: How Does It Work & How to Prevent It

Ransomware is malware that encrypts your data. A private (and closely guarded) key can make your files readable once more. But hackers typically won't give you that key unless you give them something in return.

A ransomware attack is always serious, and some companies are prepared to pay anything to get their files back again. But you can close vulnerabilities that leave you open to attack. And if you are hacked, you'll need to take quick action to restore normalcy. 

What Is Ransomware?

You click and click and click, but you can't see your files. Instead, you see a threatening message that demands money.

What's happening?

You could be dealing with ransomware.

To execute an attack, hackers install malicious software on your system. All you'll see is a demand for money. Pay the fee, and you'll gain access again.

Ransomware might involve:

  • A dark screen. You're tapping away on your files, and everything fades to black. All you can see is a demand for money or a set of instructions. 
  • Endless popups. Your device is flooded with windows containing messages, video, or pornography. 
  • Malfunctioning devices. Some devices won't turn on at all, or they make horrible noises you can't stop. 

The first documented ransomware attack happened back in 1989, and ransomware became widely popular (and feared) in 2012. At this point, millions of people have lived through an attack like this.

How a Ransomware Attack Works 

Hackers are clever, and they have all sorts of tricks they can use against you. Ransomware attacks stem from ordinary, everyday activities that you may never suspect or think twice about. 

Ransomware is usually deployed in one (or both) of two ways:

  • Manual deployment. Here, a hacker gains administrative access to a system and places ransomware on targeted systems.
  • Automated deployment. A system is compromised, and ransomware is installed via the system.

Your servers could be infected via:

  • Popups. You're visiting a website, and you see a screen informing you that you're infected with a virus. Tap a button, the message says, and you'll eliminate the threat. 
  • Email messages. You're sent a note saying that you won money or you need to authorize a delivery. You're shown a button to click. 
  • Phishing (deception). A website you visit often is hacked. While it looks very similar to your prior visits, tapping buttons leads to unexpected behaviors. 

Once you engage with the lure set out by the hacker, your tap leads to the installation of malware. You may not notice this is happening, but your computer is gaining a new friend that quickly encrypts all of your files so you can’t access them. 

When the program is complete, you're shown a demand for money. Ransom amounts vary, but most hackers ask for small amounts from individuals. You might be asked for $400 to get your files back.

Large companies with plenty of files see much larger monetary demands. It's not uncommon to face requests of thousands of dollars, and the hacker might ask you to pay with bitcoin.

 

How to Respond to a Ransomware Attack

Ransomware Recovery & Removal 

It's easy to think of attacks as simple, amateurish attempts at extortion. Unfortunately, most hackers tap into sophisticated tools that are nearly impossible to replicate or defeat. 

If you are attacked, experts recommend these steps:

  1. Restart. Use Windows' Safe Mode when you restart. 
  2. Scan. Tap i