The most valuable asset
associated with your computers,
whether their computers at
home or computers at work,
is your data.
That is the most
important asset on there.
At home, you probably
have family pictures.
There's videos of trips
that you've taken.
There's important documents
that you've scanned,
and they're all on these
storage devices at home.
At work, you probably even
have a broader set of data.
There's planning information,
employee details,
you've got financial
information,
and of course, company
proprietary data.
There's a lot of valuable
information here,
and there's probably a
certain amount of money
that you would be willing
to pay if all of this data
disappeared tomorrow
and somebody offered
to give it back to you.
This is the business
model for ransomware.
It's one where the bad guys
want your money and the best way
to get the money from you is
to take the data away from you.
Your entire computer
becomes unusable
because everything that is
important on that computer
suddenly becomes encrypted.
In some cases, ransomware
is not even legitimate.
It's simply a fake message
that's put on your screen.
They might use the
Department of Justice logo
or mention the FBI,
and they've told you
that the police have
locked your computer.
If this is ransomware
that is not real,
then you may be able to take
it to a security professional
and have them retrieve the files
and remove the fake ransomware
from your computer without
damaging or losing any data.
These days, however, there
is an entire new generation
of malware called
crypto-malware.
This is ransomware that
encrypts all of the data
on your computer and holds
that data for ransom.
It's going to encrypt
all of your data files.
So on your home
computer, you probably
have those pictures,
and your documents,
and your movies, and your music.
And it encrypts everything
except the operating system.
It wants your system to continue
working so that it can present
a message to you saying
that all of your files
have been encrypted,
and this is the process
that you should go through to
send the bad guys some bitcoin
so that your computer can then
have a decryption key apply
to all of these files and you
can regain access to your data.
This has become a very
lucrative and very successful
business model for the bad guys.
They know that they're
using a payment system that
is untraceable, so
you have no idea who
you're sending this money to,
or where they happen to be.
And it is using public
key cryptography.
So it's using a very
strong encryption,
and there's no way
to decrypt the data.
You have to get the key from
the bad guys or all of this data
will be lost forever.
Or will it, because
if you're someone
who is very smart with
handling your data, then
you probably have a backup
of this data somewhere,
and you'll be able to
recover all of those pictures
and all of those videos.
Make sure you have a
backup and make sure
that this backup
is kept offline.
A lot of the modern
crypto-malware
will find your backup
systems if they're online
and encrypt the backups as well.
One of the ways this
crypto-malware embeds itself
onto your computer
is taking advantage
of a known vulnerability.
So make sure that you are always
updating your operating system
and all of your applications are
updated to the latest versions.
One way to stop this malware
from executing on your computer
is to have your anti-virus
already recognize the malware,
and for that to occur we have
to have the latest signatures
for your anti-virus software.
Make sure that you're
constantly updating
these anti-virus
signatures and you
may be able to stop the
malware right in its tracks.
If you're updating your
anti-virus signatures,
you're updating your
operating system,
and you're updating
your applications,
you've got the best chance at
avoiding any type of infection
from this crypto-malware.
