Ransomware is a type of malware sent by hackers to lock and encrypt the victim's computer devices. The term ransomware itself comes from “ransom” (a sum of money demanded for the release of a prisoner) and “malware” (malicious software). Thus, the victim's device will be held hostage and cannot be used until the ransom demanded by the hacker is paid.
The most common spread of ransomware is through phishing emails, exploiting system vulnerabilities, and infected downloads. According to Trend Micro, ransomware can also spread through malicious advertisements (malvertising), messages containing harmful links, and even through external storage devices.
Ransomware is divided into two main types based on how it operates:
1. Encrypting Ransomware
Encrypting ransomware, also known as crypto-ransomware, is the most common and dangerous type of ransomware. This malware works by encrypting important files on the victim's device, making them inaccessible without a decryption key. Once the encryption process is complete, the attacker will display a message requesting a ransom to obtain the decryption key.
2. Locker Ransomware
Locker ransomware operates differently from encrypting ransomware. Instead of encrypting files, this type locks the user's access to the entire system or device. Typically, locker ransomware targets operating system functions, preventing users from logging in or using their devices normally.
To prevent ransomware attacks, there are several measures you can implement, including:
1. Awareness of Ransomware
- Avoid clicking on random links; it’s best to hover over them to check which URL they lead to before clicking.
- Avoid opening suspicious email attachments.
- Do not disclose personal information to unknown sources.
- Only use trusted download sources.
- Use a VPN service when connecting to public Wi-Fi networks.
2. Always Update Software and Operating Systems
3. Always Back Up Data
