Friday, May 1, 2020

What is Ransomware

Ransomware is a type of attack in which hackers encrypt your data and demand payment, in electronic currency such as Bitcoin or some other electronic payment, before they will give you the keys to decrypt your data and regain access. You fall victim to a ransomware attack through malware that gets installed on your computer without your knowledge or authorization and encrypts all the data on your computer. Imagine you had thousands of photos on your computer, or a whole bunch of data that is important to you and that you need access to, and now it is all encrypted, meaning you cannot read the data without decrypting it. How would you feel about that? Imagine this happening to large organizations like hospitals, police departments and Fortune 500 companies, and how devastating it can be not only to the organizations that get impacted, but also to their customers. There have been many incidents lately where police departments and hospitals have paid ransom to obtain the keys to decrypt their data. You can google ransomware and hospitals or police departments and you will find many articles.

Encryption, in simple terms, means the data on your computer goes through a complex mathematical formula that changes it so it is unreadable. For example, let's take a Word document that has "dontgethacked.net" written in it. If we run this Word document through encryption software and you reopen the document, you will not see "dontgethacked.net". Instead you may see something like this: "V &*%$HGYFJ((*&XXX415w30JKHBDHJGFSllkhjhfSGBKDO". No one can figure out what those numbers, letters and special characters mean, so it is useless information. When you decrypt it using the decryption keys and reopen the Word document, you will see "dontgethacked.net" again, since you have the correct keys to decrypt the file. Well, this is what ransomware malware does: it encrypts all your data so it is not readable. If you have a good recent backup of your data somewhere offsite, like in the cloud, then you will not care about paying ransom to get the decryption keys because you can just restore your data from your backup.

Malware is a piece of software or computer code that gets installed on your computer without your knowledge and is designed to cause harm. One of the ways you get malware on your computer is by visiting websites that have some vulnerability which has been exploited by hackers. For example, when you visit a vulnerable website, you may get a pop-up window that says your computer memory is full and tells you to click OK on the pop-up window to clear the memory before your computer crashes. Do not ever click OK on the pop-up window. If you do, you have just downloaded and installed malware on your computer. Or you could click on an image on a website that had the malware embedded into the image. As soon as you click on that image, malware gets downloaded to your computer and infects it. Hackers trick people into clicking on links and pop-ups, and many people fall victim to it.

You can also download malware without your knowledge by clicking on links or opening attachments in emails. These emails come from hackers and look like any other email. Once the malware gets on your computer, it will quickly spread to other computers on the network. Or you could connect a USB flash drive to your computer that you found in a parking lot. We are all curious and may want to know what is on the USB flash drive. What if the USB flash drive was bait left there by some hacker? As soon as you connected that USB flash drive to your computer, malware code got installed on your computer and now your system is compromised. There are many types of malware, each designed to do different things. Some encrypt the data on your computer, like ransomware; some log anything you type on your keyboard or anything you click on the screen, and the data gets uploaded to the hacker. For example, the malware will log your username and password for your social websites or your bank and send that data to the hacker without you even knowing anything about it. There are thousands of malware programs and many variations of each.

It is good practice to perform regular backups of the data on your computer and store them offsite in a public cloud environment. You can get really cheap storage from Google, Amazon, Microsoft and Dropbox, and there are many others. You should also have a second copy of your data backed up to a USB hard drive, which you need to make sure you disconnect from your computer once your computer has backed up the data. The question is not if I will get compromised; the real question is when.
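
As an added example (not code from the original post), the Python sketch below shows one way to check that a backup is still usable: record a SHA-256 manifest of your files while they are known to be good, then compare a folder or a restored backup against it to see which files changed, disappeared or appeared. The function names, folder layout and sample files are assumptions constructed for the demonstration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large photos or videos do not fill memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare(manifest: dict, root: Path) -> dict:
    """Report files whose content changed, went missing, or newly appeared."""
    current = build_manifest(root)
    return {
        "changed": sorted(k for k in manifest
                          if k in current and current[k] != manifest[k]),
        "missing": sorted(k for k in manifest if k not in current),
        "new": sorted(k for k in current if k not in manifest),
    }


def demo() -> dict:
    """Constructed sample data: two files, then simulated unreadable content."""
    with tempfile.TemporaryDirectory() as tmp:
        docs = Path(tmp) / "documents"
        (docs / "photos").mkdir(parents=True)
        (docs / "note.txt").write_text("dontgethacked.net")
        (docs / "photos" / "trip.jpg").write_bytes(b"\xff\xd8 constructed sample bytes")
        manifest = build_manifest(docs)  # taken while the data is known good
        # Simulated damage: one file now holds unreadable bytes, one was renamed.
        (docs / "note.txt").write_bytes(b"V &*%$HGYFJ((*&XXX415w30JKHBDHJGFS")
        (docs / "photos" / "trip.jpg").rename(docs / "photos" / "trip.jpg.locked")
        return compare(manifest, docs)


if __name__ == "__main__":
    print(demo())
```

Keep the manifest with the offline copy of the backup, so that malware on the computer cannot alter it along with the files.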

BadPower Attack - vulnerability discovered by Chinese security researchers

What is a "BadPower" attack? It is a type of attack where a fast charger connected to your mobile device, like a smartphone or laptop ...