What is ransomware?
Ransomware is a type of malware which prevents you from accessing your device and the data stored on it, usually by encrypting your files. A criminal group will then demand a ransom in exchange for decryption. The computer itself may become locked, or the data on it might be encrypted, stolen or deleted. The attackers may also threaten to leak the data they steal.
How does ransomware work?
- Access Attackers gain access to your network. They establish control and plant malicious encryption software. They may also take copies of your data and threaten to leak it.
- Activation The malware is activated, locking devices and causing the data across the network to be encrypted, meaning you can no longer access it. It is at this stage that MemCrypt detects and disrupts the attack. If files have been encrypted, MemCrypt facilitates recovery. Detecting ransomware at this stage of the attack enables MemCrypt to intervene to prevent further damage even if your network has already been breached.
- Ransom demand Usually you will then receive an on-screen notification from the cyber criminal, explaining the ransom and how to make the payment to unlock your computer or regain access to your data. Payment is usually demanded via an anonymous web page and usually in a cryptocurrency, such as Bitcoin. It is important to try and establish how the attackers gained access to your network in the first place so you can prevent future ransomware attacks.
Should I pay the ransom?
Law enforcement does not encourage, endorse nor condone the payment of ransom demands. If you do pay the ransom:
- There is no guarantee that you will get access to your data or computer
- Your computer will still be infected
- You will be paying criminal groups
- You're more likely to be targeted in future
- For this reason, it is important that you always have a recent offline backup of your most important files and data.
MemCrypt stops ransomware activation and facilitates recovery in the event of an attack, including in the absence of backups.
Prevent and protect against ransomware
Attackers will likely threaten to publish data if payment is not made. To counter this, you should take measures to minimise the impact of data theft.