Ransomware is a type of virus or malware. The difference is that where a typical virus may go after your operating system or programs, ransomware goes after your data. By using cryptography in line with international standards or better, ransomware encrypts your data with a public key.
What is PKI?
Ransomware utilises public key cryptography or PKI. The victim’s data is encrypted using a globally accepted encryption algorithm and a public key. The data can only be decrypted using the same algorithm and a private key.
Victims can have folders, hard drives or entire networks encrypted. The syndicate’s business model is to hold the private keys to ransom and threaten to destroy them unless the victim pays a fee to release them.
Instructions on how to pay the syndicate concerned via cryptocurrency are often displayed on the victim’s laptop. Once the ransom is paid, the private keys are sent to the victim’s machine to decrypt their data. Ransomware syndicates have been known to be extremely professional in assisting and responding to their victims.
As an industry, ransomware’s projected earnings are comparable to streams in the illegal drug trade. The WannaCry ransomware outbreak of May 2017 worked similarly and took advantage of a Windows zero-day vulnerability to execute itself, encrypt machines and propagate across the internet. Standard Bank system availability was unaffected.
How to protect yourself from ransomware attacks
- Update your software regularly
- Make sure to keep antivirus software up-to-date, so it blocks the latest emerging ransomware
- Be wary of suspicious emails and pop-ups, and do not click on dubious links
- Create backups of your data and store them somewhere safe, like on a physical hard drive