By Ronald Samonte

July 22, 2023

black and red laptop computer with lock

Beware of Ransomware

There are a lot of horror stories online of people getting locked out of their personal social media accounts and then being threatened and blackmailed by hackers for monetary gain. We are in an age where information is at our fingertips. Wider internet coverage and the availability of more affordable PCs, laptops and smartphones have resulted in more people going online to conduct business, get information, post social media content, etc. While people embrace the openness and freedom of doing things on the internet, this has also given bad actors the opportunity to look for potential targets, be it an organization or a simple individual like you and me.

As a matter of fact, cyber-attacks have become increasingly sophisticated and dangerous. It's not just personal social media accounts being targeted; even companies with established cybersecurity defenses have become big targets. The popular social media forum Reddit was not spared and got hit by a cyberattack. The attackers gained unauthorized access to some valuable documents and code and held them for a ransom of $4.5 million.

This type of cyberattack is called "ransomware". Ransomware is a type of malicious software, or malware, that encrypts the files on your computer. Once the files have been encrypted, they appear as a garbled mess of characters and symbols. In other words, you won't be able to use your files without a decryption key, which the hacker possesses. In most cases the attacker offers to decrypt the files, but only after the ransom is paid.

How does the cyber attacker even get access to our computers? The attacker may use several sophisticated methods, such as phishing. When you unknowingly click on a legitimate-looking link in a suspicious email and download malware onto your computer, that could be the start of a ransomware attack. I wrote an article on phishing that you can also check to get a better understanding of how it works and how you can prevent it from happening.

One of the most damaging ransomware strains to have struck this year was the MortalKombat malware. According to a Bitdefender article, "once executed MortalKombat Ransomware encrypts data and generates files with specific extension ,,Remember_you_got_only_24_hours_to_make_the_payment_if_you_dont_pay_prize_will_triple_Mortal_Kombat_Ransomware." This malware targets Windows PCs and is delivered through phishing emails that impersonate the cryptocurrency platform CoinPayments. Bitdefender has also released a decryptor for the current version of MortalKombat that is available for download on its website.

Now that we know how dangerous ransomware is, the question is: how do we protect ourselves from a ransomware attack? Listed below are some of the things that we can proactively do to prevent one.

Keep your operating system up to date with special attention on security updates.

Keeping your operating system updated to the latest version means that vital security patches are installed, so existing and known threats are prevented from taking advantage of security loopholes in your computer's OS.

Make sure your anti-virus/internet security software is always updated.

There are a lot of robust anti-virus/anti-malware internet security products on the market. Some of the better-known AV companies are Kaspersky, Bitdefender, Norton and Malwarebytes. These companies offer several types of products, usually as subscription plans with different features and price points. If you're sensitive to cost, a free version is not bad, but it is not recommended as the security features are a bit limited. Microsoft has the built-in Windows Defender AV tool, which is available on Windows 10 and 11 PCs. It should offer robust protection from online threats.

Be extra cautious when opening emails from unknown sources. Do not click links unless you are confident the email and link come from a trusted source.

Before you open an email, it's a good idea to check the sender's email address and the domain names (URLs) it contains. If you suspect that the email could be fraudulent, report it to your IT department, or just delete it if you're at home.

Avoid downloading software and files from untrusted sources.

Your trusted anti-virus/security software should warn you whenever you enter an untrusted site. This should prevent an attack from ever happening. When your security software flags a suspected site, please don't manually override the AV by proceeding to the website.

Back up your important files using external storage devices.

It's good practice to back up important files on a regular basis. Also, for peace of mind in case you mess something up in your OS, you should start creating restore points if you're on a Windows machine.
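The sender and link check recommended in the email tip above can be automated. The following is an added example, not part of the original article: it flags a brand name in the display name that does not match the sending domain, a Reply-To on a different domain, and links whose visible text differs from where they actually open. The sample message, the `.example`/`.invalid` domains and the `TRUSTED` list are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample (not a real message); the lookalike domains are placeholders.
SAMPLE = '''From: "CoinPayments Support" <billing@coinpayments-alerts.example>
Reply-To: refunds@mailbox.example
Subject: Your payment timed out
Content-Type: text/html

<p>Open your invoice:
<a href="http://files.invalid/invoice.zip">https://www.coinpayments.net/invoice</a></p>
'''

TRUSTED = {"coinpayments.net"}  # assumption: domain the genuine sender uses

def base_domain(host):
    # Simplification: keep the last two labels. Production code should
    # consult the Public Suffix List instead.
    return ".".join(host.lower().strip(".").split(".")[-2:])

def addr_domain(header_value):
    return base_domain(parseaddr(header_value or "")[1].rpartition("@")[2])

def check_email(raw, trusted=TRUSTED):
    msg = message_from_string(raw)
    findings = []
    display = parseaddr(msg.get("From", ""))[0].lower().replace(" ", "")
    sender = addr_domain(msg.get("From"))
    # 1. Display name uses a known brand, but the address is from elsewhere.
    for dom in trusted:
        if dom.split(".")[0] in display and sender != dom:
            findings.append(f"display name claims {dom} but sender is {sender}")
    # 2. Replies would go to a different domain than the sender's.
    reply = addr_domain(msg.get("Reply-To"))
    if reply and reply != sender:
        findings.append(f"Reply-To domain {reply} differs from sender {sender}")
    # 3. Link text shows one site while the href points to another.
    body = "".join(p.get_payload(decode=True).decode("utf-8", "replace")
                   for p in msg.walk() if not p.is_multipart())
    for href, text in re.findall(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', body, re.S | re.I):
        shown, target = urlparse(text.strip()).hostname, urlparse(href).hostname
        if shown and target and base_domain(shown) != base_domain(target):
            findings.append(f"link shows {shown} but opens {target}")
    return findings

if __name__ == "__main__":
    for finding in check_email(SAMPLE):
        print("WARNING:", finding)
```

An empty result only means none of these three mismatches were found; it does not prove a message is safe.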

In terms of protection and features, I find that Windows Defender is just OK but lacks some of the security features that are important to me, for example Privacy Protection. An extra layer of security on my computer's webcam and microphone gives me peace of mind that my privacy is protected when I'm online. This is the reason I switched to a paid version of Bitdefender. I've been a Bitdefender user for 2 years and counting, and I'm satisfied with the protection it provides for my and my family's devices. For ransomware protection, Bitdefender has the Ransomware Remediation feature. Thankfully I have not used this feature because of how effective Bitdefender is at protecting my devices. Other popular AV companies offer similar security and protection features and should give you more options if you opt for a paid anti-virus/internet security subscription.

Bitdefender Interface showing Protection Features

If by some bad luck your computer has been infected by ransomware, you should immediately disconnect the infected device from the network by unplugging the Ethernet cables and turning off Wi-Fi and Bluetooth. Also, if external storage devices were connected to your computer when the infection happened, you should quarantine them to prevent the spread of the malware. Don't forget to take a photo of any ransom demand that is displayed on your computer. You can later use this to document the cyber-attack, and it should help IT or cyber security experts fix or remedy the problem.

If you're on an anti-virus subscription plan, contact customer support immediately. They should be able to provide technical support to help resolve the situation. Don't try to DIY and mess around with the ransomware. The best thing to do is contact a cyber security expert or any popular AV company by email, chat or phone, inform them of your situation, and ask whether their product can help in detecting the malware and getting back your encrypted files. Lastly, it's important to stay calm, not panic, and not give in to the hacker's ransom demand.