What is ransomware?
Ransomware is a type of malware that has made fast strides and is now unbelievably pervasive. It comes in two major types: cryptors and blockers.
Having infected a computer, cryptors encrypt valuable data, including documents, photos, game saves, databases, and so on. Once they’re encrypted, the files cannot be opened, and a user cannot access them anymore. The criminals behind the attack then demand ransom in exchange for the encryption key to restore access to the files. Ransom averages about $300.
Why you need to know about ransomware
First, ransomware programs are both abundant and prominent. They target all operating systems, such as Windows, Mac OS X, Linux, and Android, which means they can affect desktop computers and mobile devices. The majority of ransomware programs target Windows and Android.
It’s also quite easy to get infected. Most commonly, ransomware infiltrates a computer when a user opens a malicious attachment, clicks on a suspicious link, or installs apps from third-party app stores. However, ransomware can come from legitimate websites: Lately, for example, cybercriminals have been using advertising networks to deliver malware to users.
Alas, it is also pretty easy to fool lots of users into thinking they are opening or downloading something important — like a letter from a bank or a critical program installer — when instead, they are infecting their own devices with ransomware.
Arguably, the main issue with ransomware is that removing the malware does not solve the problem. A good antivirus program, and even some targeted utilities, can typically remove ransomware effectively. But if the malware encrypted your files, you have to decrypt them to get access back.
How to decrypt files
If ransomware managed to get inside the system and encrypt your files, you will not be able to decrypt the files on your own. You have, in essence, two options. You could capitulate and pay the ransom — which, for the reasons above, we do not recommend.
The better option is to visit noransom.kaspersky.com and see if we have a decryptor that can decrypt your files. Our decryption tools are available free of charge, although we do not yet have a tool for every crypto-ransomware.
With that said, you don’t have to wait until something bad happens, so go ahead and take preemptive measures.
How to protect yourself from ransomware
- Don’t open suspicious e-mail attachments, don’t visit murky websites, and don’t download programs from any sites other than official developer websites and app stores. Learn to spot phishing messages, and do not click on their links.
- Do back up regularly. If your files are stored on both PC and external drives or in the cloud, you can just use your antivirus program to remove the ransomware and then restore your files from backup copies.
- Install a good antivirus program. Check out Kaspersky Internet Security, which has a unique “System watcher” feature that provides essential protection against ransomware. By the way, in recent independent benchmark tests, Kaspersky Internet Security fought off 100% of the ransomware testers threw at it.