What the Tech? How Ransomware Works

What is ransomware? I’m sure you’ve heard the phrase or word many times over the past few months.

Last month the Colonial Pipeline was hit by ransomware that disrupted fuel supplies for over a week. More recently JBS a meat processor, reported their networks had been taken over by hackers and held for ransom. Extortion attempts such as this are on the rise.

How does it happen? Often with one click of the mouse by an employee.

How could one person install ransomware on their company’s computer network? It’s often as simple as opening an email or clicking on a link found in an email or online.

Curious, I checked the spam folder in my Gmail account and found dozens of emails that likely included some type of malware or ransomware. One email stood out because I’d received dozens of the same email in the last 24 hours. It was addressed to me and the sender was labeled “FB”, the initials of the social media network Facebook.

When I clicked on the email (I didn’t click on a link) I saw it was notifying me that someone had logged into my Facebook
account and asking me to confirm whether it was me, or if I’d like to report it.

Hovering over the link I saw it was not from Facebook but the link would lead me to a strange email account. Another email I received announced a donation was being sent to my family.

It included a .txt file which could have easily been malware. If I had clicked it, the .tx file would install on my computer. It might have searched files for login information and passwords. It could have installed keystroke loggers, or it could have installed ransomware that encrypted all of my files.

Always hover above any email address you receive and look in the far lower-left corner in Gmail to see where the link will lead.

Ransomware has been around for a dozen years and first targeted random consumers, asking for a few hundred or a few thousand dollars to release the data. Over the last year, ransomware targets have been much larger with deeper pockets.

Employees working from home over the last year on their company-provided computers have made ransomware attacks easier to carry out. Employees don’t have an I.T. person standing nearby. They’re also more likely to use their company computer to check personal email or Facebook or even play online games.

That’s risky and employers have been notifying their remote workers to keep their work computer their work computer and nothing more.

Google does a pretty good job at blocking rogue emails and spam but Mozilla’s Firefox may be a little better and offers a tool to check to find out if your email address has been compromised in a breach.

If you have an iPhone or iPad, it is much safer to check email on those devices. Ransomware will not encrypt iPhones and iPads. On a computer, download a good anti-malware program such as Malware Bytes.

Think before you click on any link, even if it looks like it came from your boss or looks like an official company notice. It’s a good idea if you receive an email from someone at work to pick up the phone and call to verify before clicking.

Categories: News Video, What The Tech