Note: As will be mentioned a number of times, ‘Malware’ is the correct ‘umbrella’ term when referring to computer viruses. However, as the term virus is, colloquially, more readily understood, both will be used throughout discussions that relate to the topic.
Ransomware is just one of many different types of virus a user may encounter. It is malicious software that usually threatens either:
- To publish user data. (Thereby threatening their privacy and data security.)
- To permanently block access to user data and/or computer unless a ransom is paid. (No guarantee the block will be removed even if payment is made.)
Cyber criminals generally utilise one of the following to achieve their aim:
- Locking the computer screen – Most frequently with a full screen message that prevents the computer being used and includes instructions on how the user may pay for their system to be released.
- Encrypting files – Prevents access without a ‘key’. The message usually includes a threat to delete the files if a ransom is not paid for the ‘key’ (normally a numeric code). (Again, no guarantee the code will be provided even if the ransom is paid.)
An alternative to the above is for fake anti-malware scanning results to be displayed in the hope of getting users to purchase bogus anti-malware software. (Of course, the bogus software will undoubtedly incorporate malware/viruses.)
Ransomware can be spread (downloaded) onto systems by a variety of methods including:
- Visiting malicious or compromised websites.
- Opening attachments to spam e-mails.
- Opening/viewing malicious advertisements.
- Downloading infected software.
- Connecting ‘infected’ external storage devices.
- Etc. (The above are the most common sources but not the only ones.)
Naturally, in all instances, the user is unlikely to be aware they are opening, viewing, downloading or connecting with/to erroneous, malicious or compromised material. Care should always be exercised when proposing to do any of the above.
There are a number of different malware types with, naturally, differing names even though some, in effect and impact, are similar. Some name types are no longer encountered on a regular basis; nevertheless, it is worth mentioning a few as they will undoubtedly arise from time to time (perhaps under a different description but nonetheless, with the same effect).
Scareware is another form of ransomware. It works by warning that a computer and/or its files have been infected. These messages tend to appear to be from legitimate computer/antivirus software companies. The intent is to frighten, shock or cause anxiety to the computer user to such an extent that they rush to pay a demanded fee to quickly fix the problem. This normally results in the downloading of fake antivirus software. What is downloaded is actually malware that is intended to steal personal data (including bank and credit card information and passwords). Sometimes, though rarely these days, the ‘software’ is simply non-functioning.
Note: Users should be particularly aware when tired because it is at those times the brain does not always function clearly and they are more prone to panic and to take an action without forethought.
As with most crimes, the cyber criminal behind the virus attack wishes to control and/or extort money from unsuspecting, innocent, computer users. Regrettably, such crime, well in truth personal crime of all sorts, is on the increase. A sad reflection upon modern society.
It is appreciated the following are consistently repeated within related articles but it is necessary to ensure users, for their own safety, continually bear the points in mind.
- Avoid opening unverified e-mails or clicking upon links contained in them.
- Avoid visiting unknown websites (includes blogs) or following links to one if it has been provided by someone not known or not from a recognised group.
- Do not download software from an unknown company or source.
- Do not download anything from an unconfirmed website or contained in an advertisement by an unknown company or person.
- Do consistently backup files. (Suggested at least two or three backups on different devices that are stored in separate locations e.g. USB, Hard-drive backup devices, CD (for older computers) etc.)
- Do regularly update software: programmes, applications, antivirus systems, etc. (New versions of malware are constantly devised and detected and most software companies update their programmes to counter attacks from them (each new virus requires a new resolution). Not to regularly update the computer software may leave it vulnerable to attack from the newer viruses.)
Some also suggest being particularly aware of e-mails that purport to be from Microsoft and have attachments advising the recipient to enable macros to view the content. (This may be an older problem but it is worth mentioning, just in case.)
Avoiding all of the above can be difficult for independent authors who wish to connect and interact with their fellows. The rule of thumb is to always try to first ascertain whether the person, website, etc. is genuine. However, sometimes there is little choice but to take the chance.
There are some initial actions a user may take when confronted by one of these malicious software viruses.
- Close the browser by using CTRL-ALT-DELETE or equivalent. DO NOT click on any alternatives within the pop-up or message such as ‘NO’, ‘CANCEL’ or the usual ‘X’ in the top right corner. Doing so could result in activation of malware and damage to the computer system.
- If the browser cannot be closed as above, go to Task Manager or equivalent and click ‘END TASK’.
- If neither works: Try turning the computer power off.
- If all of the above fail: Contact the anti-virus software company utilised for the computer. (Hopefully, users have the company’s details recorded elsewhere. If not, utilise a different device, if available, to search for contact details, preferably a telephone number, as fairly immediate action will be needed.)
Once the browser (Google; Firefox; Edge; etc.) has been closed, and if not done simultaneously, the computer should be shut down. When turned back on, users should ensure a full antivirus scan is run. (Most antivirus software systems have the option to manually request a scan – use the full scan facility rather than the ‘quick’ option.)
A lot of malware operates by adding applications and/or programmes to the computer system. Once the user has regained access they should check the installed programme list for ones that have been installed without their knowledge or authority. If any are found they should be uninstalled. Programme lists may be found via the computer’s control panel or equivalent. There should be a simple ‘uninstall’ option available.
After doing the above users should also check browser programmes for any malware installed in them (these will not show in the computer’s own programme list). Where more than one browser has been used, even if only once, ALL should be checked. From the browser menu the user selects the appropriate option: ‘Tools’; ‘Add-ons’; ‘Extensions’ or a combination. In Chrome it is Tools>Extensions. In Firefox it is Add-ons>Extensions. In Safari (Mac) Preferences>Extensions. In Microsoft Edge it is Extensions. Within each there is the facility to uninstall unwanted or erroneous software.
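The extension check described above can also be done from the files the browser keeps on disk. The following is an added example, not part of the original article; it covers Chromium-based browsers only (Chrome and Edge) and assumes their default Windows profile folders, and the extension names and ids in the sample data are constructed.

```python
import json
import os
import tempfile
from pathlib import Path

# Permissions that give an extension wide reach over browsing data (illustrative choice).
BROAD = {"<all_urls>", "tabs", "webRequest", "cookies", "history", "nativeMessaging"}

def audit_extensions(ext_root):
    """List extensions under ext_root, assuming the Chromium layout
    <ext_root>/<extension id>/<version>/manifest.json."""
    records = []
    for manifest in sorted(Path(ext_root).glob("*/*/manifest.json")):
        rec = {"id": manifest.parts[-3], "version": manifest.parts[-2],
               "name": "(unreadable manifest)", "broad": []}
        try:
            data = json.loads(manifest.read_text(encoding="utf-8-sig"))
            perms = [p for key in ("permissions", "host_permissions")
                     for p in data.get(key, []) if isinstance(p, str)]
            rec["name"] = str(data.get("name", "(no name)"))
            rec["broad"] = sorted(p for p in perms if p in BROAD or p.endswith("://*/*"))
        except (OSError, ValueError, AttributeError, TypeError):
            pass  # keep the record so a damaged manifest is still reported
        records.append(rec)
    return records

def build_sample(root):
    """Constructed sample data: two made-up extensions, one with broad permissions."""
    samples = {
        ("aaaaexampleidaaaa", "1.0_0"): {"name": "Reading List Helper", "version": "1.0",
                                          "permissions": ["storage"]},
        ("bbbbexampleidbbbb", "2.3_0"): {"name": "Free PC Scanner", "version": "2.3",
                                          "permissions": ["tabs", "cookies"],
                                          "host_permissions": ["<all_urls>"]},
    }
    for (ext_id, version), manifest in samples.items():
        folder = Path(root) / ext_id / version
        folder.mkdir(parents=True)
        (folder / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")

if __name__ == "__main__":
    local = os.environ.get("LOCALAPPDATA")  # set on Windows only
    roots = [Path(local) / vendor / "User Data" / "Default" / "Extensions"
             for vendor in ("Google/Chrome", "Microsoft/Edge")] if local else []
    if not any(r.is_dir() for r in roots):      # no browser profile found: use the sample
        roots = [Path(tempfile.mkdtemp())]
        build_sample(roots[0])
    for root in roots:
        for rec in audit_extensions(root):
            print(rec["id"], rec["name"], rec["version"], rec["broad"] or "-")
```

An entry the user does not recognise, particularly one listing broad permissions, is a candidate for removal through the browser's own Extensions page. Some extensions store a placeholder beginning `__MSG_` as their name, in which case the id is the value to look up.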
Ransomware is perhaps the most common virus the majority of users will encounter though there are others that arise fairly frequently.
As with most criminal activity, the intent is to frighten, scare and rob the victim. In these instances, this is done by trying to extort money or by getting the victim to take an action that gives unauthorised access to personal data for malevolent purposes.
As with most such issues, whether they be computer or say home related, careful consideration should be exercised before taking any sort of action, especially if it is outside the user’s normal daily habit.
When confronted with a locked screen, fake message or spurious scan results it is important NOT TO PANIC. The cyber criminal is hoping to push the user to take unwarranted, and probably costly, action.
In most cases taking the initial and subsequent actions suggested should deal with the problem.
Disclaimer: The writer is not a computer programmer or in any other way a computer software expert. What is shared has been learnt through limited personal experience and/or through research. Consequently, though every effort has been made, total accuracy of all the above information cannot be guaranteed.