On Getting a Ransom Message

Kidnapping for ransom is not only a hot topic in crime movies but a real-life occurrence as well. The level of crime varies from country to country. It is, however, on a considerably large scale in third-world countries, especially the war-hit regions. A typical example of kidnapping for ransom is the famous Hollywood movie “Die Hard”. John McClane got a ransom note demanding a large sum of money for the safe return of his daughter, who was kidnapped. You need not do what John did in “Die Hard” on getting a ransom message, but you still have to do something. We explore it in the following lines.

Ransom Notes

Ransom notes have moved from paper to digital. The data on our computers is the new hostage now. ‘Ransomware’ is the term for this new form of cyber hijacking. It is the latest of the online frauds generating hefty cash for the global e-hijackers. Let us try to understand how hackers access a computer and what safety measures are possible.

How Does It Look?

Your computer stops opening your much-needed files. You fail to access your snaps, and the same starts happening with the rest of your data: videos and every other sort of stored file. The data is intact and safely stored on your computer, but you are unable to open it. In extreme cases, access to your computer or website stops completely.

At this point, you get a message (usually by email) asking you to pay a certain amount to someone for the release of access to your computer and the data on it. The ransom is asked in cryptocurrency, with Bitcoin the first choice in most cases. Do not rush to buy cryptocurrency to follow the remittance instructions. Instead, go through the guidelines provided below.

Understanding Ransomware

Ransomware is a piece of software that scrambles files and demands payment before unscrambling.

It is the harshest malware so far. It works silently, making itself known only after it has completely taken over a company, agency, or department. No particular computer is the target of ransomware. It can attack any computer. It spreads through social networking, email, SMS, and clicked links. Spoofed emails that deceive people into opening malicious attachments are a common means of its spread.

The other popular way is to ask the user to download a file through legitimate social media networks. A harmless-looking link often leads to a download from an infected site that places the malware on the user’s computer without notice. The hackers then track infected computers through their systems and ask for an online payment that is not traceable by law enforcement authorities. Cryptocurrencies and similar systems are the payment methods hackers prefer most.

Check Your Computer First

Sometimes the notice is only a less harmful ‘fake’ ransomware notice. Actual ransomware locks your computer screen, making your files inaccessible.

Type 1. Encryption Ransomware

  • Your Windows computer shows that “Windows can’t open this file,” or that the file is of an “Unknown file type.”
  • Mac users get messages that there is “No associated application,” or “There is no application set to open the document.” 

Encryption ransomware can reach your data, which includes documents, files, photos, and website files. In case of a ransomware attack on a website, its landing page displays something other than its routine content. You will get an email or a message on your screen informing you that your files have been hacked and giving the method of payment for the release and restoration of your computer data.

Type 2. Showing Text

The second scenario is that your computer is locked. You are not getting a message in an email or on a computer screen. Instead, on starting your computer you see a text that appears to come from a law enforcement authority, anti-crime department, or e-crime agency. The text varies from hacker to hacker, accusing you of involvement in illegal activities. You are asked to pay a fine to get your files restored.

Why Should You Pay?

Should you or anyone else pay a ransom? Ethically, it is not supported. Paying ransom means funding illegal activity. These funds go toward more criminal activities. On the other hand, it is a way of encouraging hackers to stick to such scams. By paying, you are losing your hard-earned money and facing the risk of another attack from the same hacker. It is not even certain that hackers will release your computer after getting the payment.

The Way Forward If Infected

The best approach if your computer gets infected with ransomware is to stay calm. The following steps, however, can help in limiting the damage.

  1. The immediate first reaction on learning of the infection is to disconnect your computer from the internet.
  2. It will stop your data from being sent to the hacker.
  3. Note the available information about the virus and affected files if you still have access to your data, especially the files marked by your security software or operating system.
  4. If that fails, check the message details, and also note the date on which the files changed. It is essential information for restoring from an earlier, safer backup.
  5. Use another computer to search for and study details about the virus.
  6. Use a clean device to change the passwords for all the accounts that you logged into from the infected computer.
  7. Consult a cybersecurity expert to see whether they can clean your infected computer.
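Steps 3 and 4 can be partly automated. The following sketch is an added example, not part of the original article: it does a read-only walk of a folder, flags files whose first bytes no longer match their file type (the "unknown file type" symptom described earlier), and picks the newest backup taken before the first of them changed. The signature table, function names, sample files, and backup timestamps are all constructed for illustration, and modification times are only a heuristic because malware can alter them.

```python
import os
import tempfile
from pathlib import Path

# Leading "magic" bytes expected for a few common file types (illustrative table).
MAGIC = {".pdf": b"%PDF", ".png": b"\x89PNG", ".jpg": b"\xff\xd8\xff",
         ".zip": b"PK\x03\x04", ".docx": b"PK\x03\x04"}

def expected_magic(name):
    """Magic bytes for a file name, looking past appended extensions (a.pdf.locked)."""
    stem, ext = os.path.splitext(name.lower())
    while ext:
        if ext in MAGIC:
            return MAGIC[ext]
        stem, ext = os.path.splitext(stem)
    return None

def survey(root):
    """Read-only walk: (mtime, path) of files whose header no longer fits their type."""
    damaged = []
    for path in Path(root).rglob("*"):
        magic = expected_magic(path.name)
        if magic is None or not path.is_file():
            continue  # unknown type or not a regular file: cannot judge
        try:
            with path.open("rb") as fh:
                if fh.read(len(magic)) != magic:
                    damaged.append((path.stat().st_mtime, str(path)))
        except OSError:
            continue  # unreadable file: skip it and keep surveying
    damaged.sort()
    return damaged, (damaged[0][0] if damaged else None)

def pick_backup(backup_times, earliest_change):
    """Newest backup taken strictly before the first damaged file changed."""
    older = [t for t in backup_times if t < earliest_change]
    return max(older) if older else None

def demo():
    # Constructed sample: one intact file, two scrambled ones, three backup times.
    files = {"notes.pdf": (b"%PDF-1.7 intact", 1_700_000_000),
             "budget.pdf": (b"\x13\x9a\x07 scrambled", 1_700_100_000),
             "trip.jpg.locked": (b"\x55\x01\xfe scrambled", 1_700_100_060)}
    with tempfile.TemporaryDirectory() as root:
        for name, (data, mtime) in files.items():
            Path(root, name).write_bytes(data)
            os.utime(Path(root, name), (mtime, mtime))
        damaged, first = survey(root)
    backups = [1_699_900_000, 1_700_050_000, 1_700_150_000]
    return [Path(p).name for _, p in damaged], first, pick_backup(backups, first)
```

Calling `demo()` returns the damaged file names, the earliest change time, and the chosen backup time; on a real machine, run `survey()` against a copy of the data from a clean system.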

Get Rid of Ransomware

The next step is to get rid of the ransomware. The following steps can help.

1. Identify the Type of Ransomware

You need to identify the malware. Not all, but many are now known. Security companies have developed solutions against some known ransomware. Check the details on Google and on sites like ID Ransomware or Crypto Sheriff from the ‘No More Ransom’ project.

2. Report to Authorities

Some countries, especially the developed ones, have laws and investigation expertise on cybersecurity issues. Report the attack to the authorities if you think a framework for rescue exists. Reporting is of less use in third-world countries, where cyber laws are non-existent and investigative help is not readily available to rescue the victim.

3. Assessing Options

The first decision after getting a message is whether or not to pay. We never encourage paying. What to do, then, is the next question. Below are the alternatives you can follow now.

  • Option 1. Try removing the malware. It needs a level of expertise. Refer it to an expert if you do not have the skill. Security experts are of the view that ransomware is difficult malware to remove.
  • Option 2. The best way is to format your disk. You will lose the whole of your data along with the removal of the ransomware. 

4. Restore From a Backup

Restoring from a backup is, again, an easy option if you have access to your files. You can, however, run a backup even if your computer is locked.

5. If you have access to your PC

There is software designed to remove ransomware, much of it available for free download. Ransomware removal tools are designed to unlock your encrypted files without paying the hacker. Search for, download, and install any such utility and run it.

It will guide you through the next actions. Keep following the steps, complete the process, and restart your computer. There is every hope that your computer is now free from the monster.

There is still a little hope that you can get back the files from a locked computer. The secret tool for getting the access back is called Trend Micro Ransomware Screen Unlocker Tools.

Boot your computer in ‘Safe Mode’ with Networking. Reboot the system after installing the tool on the affected machine. Hold the keys [Ctrl]+[Alt]+[T]+[I] to launch the ransomware scan and removal.

If you’re trying to access Safe Mode with Networking via the BIOS menu, download an alternative version of the tool on an uninfected computer. Save it on a USB stick and use it to boot the locked machine. It will scan and remove ransomware from the infected computer.

On a Mac

Most ransomware attacks are on Windows computers, but that does not mean the Mac is safe from them. The KeRanger ransomware virus, circa 2016, was the first to target the Mac successfully. Thanks to Apple’s built-in anti-malware ‘XProtect’, it was detected and blocked.

Follow the instructions in this guide if your Mac is under attack. Again, restoring from an earlier dated backup is an easy and readily available option if you are in the habit of taking frequent backups.

How to Rescue

The best rescue ever is protecting your computer in the first place from an attack of ransomware. The following steps can help in taking advanced care of your system to avoid a ransomware attack. 

  1. Only run trusted and reputable antivirus software. The very best option is to run only an operating system-supported or recommended antivirus like Windows Defender in the case of Windows. 
  2. Try to keep your system updated: the operating system, antivirus software, all browser-related components (Java, Adobe, and the like), and all other third-party programs.
  3. Frequently clean your web browsers of all junk. Only install trusted toolbars.
  4. Don’t open email attachments from any unknown, unverified sources. Also, avoid clicking URL links in the email that you are not sure about. 
  5. Make a habit of taking frequent and sound backups. It is a sure way to revert to clean data in case of an attack. 
  6. Take extra care about text messages (SMS) claiming to be from your bank. Avoid sending them any of your data. 

Image by Pete Linforth from Pixabay 

Team-MC
  • The Team@MindClassic consists of writers of diverse interests, deeply researching their topics before penning their ideas.