There are many different types of malicious threats out there: viruses, scareware, backdoors, worms, and ransomware. To learn more about all of them, check out our “Virus Lab” here. Today, we want to focus on ransomware, because it’s on the rise – and it’s scary! Keep reading to learn more.

What is ransomware?

Ransomware is an umbrella term for a group of viruses that hold valuable information hostage– either by encrypting your data so that it is unreadable or by totally locking you out of your computer.

Ransomware gets its name due to its general nature – it threatens harm by keeping your personal data captive, and demands a financial ransom in return. Unfortunately, once a computer has been infected with ransomware, there is little anyone– even the F.B.I. — can do to restore the files.

According to IBM Security’s 2021 Cost of a Data Breach Report, the average cost for a data breach in the U.S. in 2021 is $9.05 million, up from $8.64 million in 2020.

Ransomware Attacks in 2021

2021 saw some of the biggest ransomware attacks of all time. Namely the JBS ransomware attack which resulted in massive food supply chain disruptions, the attack on the Colonial Pipeline that disrupted gas and oil supply chains, and countless others resulting in some of the highest payments of all time. According to the National Security Agency, ransomware will be a formidable threat for the foreseeable future.

Biggest Ransomware Families

The three biggest ransomware families are Dharma, GandCrab, and Ryuk. And there continues to be the discovery of new ransomware families all the time that use innovative techniques to target computer users.

Dharma, which makes changes by infecting computer files and adding extensions to them, has been in operation since 2016 and continues to infect computers, causing damages to files making them unable to be decrypted.

The GandCrab ransomware infects computers by dropping a “GandCrab.exe” file. It also encrypts your files – locking them up and making them inaccessible to the computer owner.

The Ryuk ransomware is known for targeting newspaper printing services in the United States. The ransomware is likely the work of a cybercrime organization instead of a targeted attack created by a specific nation-state.

New Ransomware

A disturbing new ransomware family that has emerged is the Anatova family. This ransomware usually uses the icon of a game or application, making it appealing to users who are more likely to click on it thinking it’s a fun computer game.

The Anatova ransomware also adapts very quickly, spreads easily amongst computers, and is very difficult to remove via anti-ransomware tools and methods.

In fact, the files and data locked by Anatova cannot be restored without paying the group behind Anatova, even if you try to use a generic decryption tool to try to unlock it. This makes it more important for computer users to create regular backup copies of their computer files.

What should you do?

1. Have an antivirus installed on your computer and keep it updated – while it’s not a cure-all or silver bullet, it remains a very good practice and will prevent many forms of infections from getting onto your computer in the first place. If you don’t already have an antivirus, we use McAfee Total Protection and share our discount with our customers. You can learn more about McAfee here.
2. Run regular FixMeStick scans – new viruses can get past your antivirus and then can be very difficult to find and/or remove. Don’t let Ransomware get a hold in your computer. Make sure to remove it BEFORE it encrypts your files. To do this run regular FixMeStick scans. We recommend at least once a month.

Have a question? Leave it in the comments below!