The 'WannaCry' ransomware attacks of May 2017 took down computers around the world and nearly brought the NHS to its knees, with thousands of PCs in the UK having their data held hostage. Today, we explain just what ransomware is, how it works – and how to avoid it.
Ransomware can leave you feeling you've lost everything, but this isn't always the case. It's a serious threat – and one essentially designed to make you panic – but the good news is, there are simple steps you can take today to protect yourself.
Whether you just want to learn more about this cutting-edge threat and make sure you're protected or are trying to get rid of ransomware that's already found its way to your computer, we can help.
First of all, we'll look at what ransomware is and how it works. Then, we'll share our top tips for protecting yourself and staying safe online – as well as how to deal with ransomware if you're already infected. Finally, we'll show you our recommended anti-ransomware programs: excellent free tools you can install today to make sure you're protected.
Read on to find tips to keep your data protected from malicious software.
In nearly all cases, ransomware is a type of malicious software, or 'malware', that blocks access to the files on your computer, then asks for money in exchange for removing the block.
These can range from mild attacks that can be easily reversed to much stronger attacks that encrypt your files, making them almost impossible to recover.
A typical feature of ransomware is a threatening message, displayed on your computer's desktop, that tells you your files have been locked away – and tells you how much you'll need to pay up to release them.
Sometimes, these messages claim to be from a government or police agency, as in the particularly threatening example below – but others, like the 'WannaCry' ransomware that recently caused so much chaos in the NHS, don't pretend to be anything other than a criminal enterprise.
In most cases, ransomware is spread through a 'trojan' file. This is a type of malware which masks itself as an ordinary file, like a Word document or email attachment. But it secretly hides a malicious payload – just like the Trojan horse from Greek mythology.
Keeping your anti-virus software up to date is a good way to catch most trojans as they get to your computer – but downloading files from unknown and unsafe sources can lead to unwanted trojans on your hard drive, leaving you open to any number of infections from viruses and malware.
The good news? It's not too hard to protect yourself – here's how.
If you've had ransomware hold your files hostage, you'll already be familiar with the dreaded warning screen telling you to pay money to get your files back.
These demands are often disguised as FBI or police warnings that make your problem seem even more severe, and are an attempt to stop you from going to the police yourself!
If you're experiencing a ransomware attack, step 5 below can help – but as so often when it comes to online safety, prevention is better than cure. So to stop the worst from happening to your files and data, check out the steps below.
Set up System Restore: If you're worried about the risk of ransomware and want to protect your files, the best form of protection is to set up a 'System Restore' point. This means you can restore you computer to a point in time before you were infected, and sidestep the infection in the process! Make sure you set a restore point now, while your files are safe. Open your Start Menu and type "Restore", then click on System Restore when it appears. From here, you can create restore points.
Create regular backups: A backup is similar to a restore point, with the added benefit of keeping your files stored in an external hard drive – one that's only plugged into your computer to back up your files, then removed again. Keeping your files in a hard drive that's not connected to the internet means your files will always be safe from viruses, as long as you're not infected when you carry out the backup procedure.
Restart into Safe Mode: If you're infected by some of the less harmful strains of ransomware, you might still be able to get into your computer in 'Safe Mode' – a trimmed-down version of Windows that disables everything that isn't strictly necessary for your computer to run. If you aren't sure how to get into Safe Mode for your version of Windows, check out the official Microsoft Safe Mode guides for Windows 7, Windows 8 and Windows 10 for the different ways you can boot into Safe Mode. Then...
Run an on-access virus scanner: If you do manage to boot into Safe Mode, the first thing you should do is run an on-access virus scanner, like SUPERAntiSpyware or MalwareBytes to check for the ransomware file. On-access virus scanners are ones that run when you tell them to, rather than automatically or to a schedule.
System Restore your computer: If you've already set up a System Restore point as described in step 1, you can restore your computer at the first sign of trouble. But even if you haven't set one manually, some installations of Windows will create them automatically, depending on your device manufacturer – so it's always worth checking. Pick your version of Windows below and follow the steps to restore your computer.
Turn off the computer, find F8 on the keyboard.
Turn on the computer, keep pressing F8 to see the Advanced Boot Options screen.
Choose Repair Your Computer and log in with your username and password if prompted.
Click System Restore and wait until the process is finished.
On the Windows login screen, hold down Shift on the keyboard while clicking on the power icon.
Click on Restart to reboot to the Recovery screen.
Click on Troubleshoot > Advanced Options > System Restore to restore your computer.
Wait until the process is finished, then check if your files have returned.
Making sure you don't install bad files from the internet sounds easy, but some malware can do a very good job of pretending to be legitimate software or email attachments – right up until you try to open it.
To make sure you're downloading safe files, we recommend having a good antivirus program, which can scan your files as you download them! Here are a few of our favourites to help you keep control over your computer – installing one or two of these should go a long way towards protecting you from ransomware infections in future.
MalwareBytes is a powerful free tool that can be used to find a whole bunch of security problems on a computer.
The most recent version of MalwareBytes includes extra packages to prevent ransomware from making its way on to your computer, and the software itself doesn't take up much space on your hard drive.
MalwareBytes also warns you when sites you visit seem suspicious, so you don't accidentally end up downloading a file from a fake website by mistake.
This tool is another great defence against ransomware and other security issues. Fast and easy to use, SUPERAntiSpyware features real-time blocking of unwanted programs, so trojans and other infections can be detected and shut down before they can do any damage.
If you already have an anti-virus program installed, SUPERAntiSpyware is designed to work alongside it rather than competing against it – making it a great extra security resource for your computer.
What I like most about Zemana is its ability to strip out unwanted browser add-ons, toolbars and adware that not only slow down your internet browsing and clutter your screen, but can also make your internet connection less secure!
Like the others on this list, Zemana features real-time protection to scan your files as they download, as well as a dedicated anti-ransomware feature to make sure you don't end up locked out of your files and folders.
This is a completely dedicated anti-ransomware tool – which is perfect if you're only concerned with ransomware, and already have tools to protect you against other threats.
It's constantly updated to ensure it recognises the latest ransomware families, so you stand a much better chance of avoiding an attack, and is descibed by BitDefender as being a 'vaccine' against ransomware.
BitDefender is probably the smallest of all the programs we've recommended, so if you're looking for something that just focuses on ransomware without installing tools you won't actually use, this is definitely one to check out.