Skip links

Your Guide to Ransomware—and Preventing It Too

Ransomware. Even the name sounds scary. 

When you get down to it, ransomware is one of the nastiest attacks a hacker can wage. They target some of our most important and precious things—our files, our photos, and the information stored on our devices. Think about suddenly losing access to all of them and being forced to pay a ransom to get access back. Worse yet, paying the ransom is no guarantee the hacker will return them. 

That’s what a ransomware attack does. Broadly speaking, it’s a type of malware that infects a network or a device and then typically encrypts the files, data, and apps stored on it, digitally scrambling them so the proper owners can’t access them. Only a digital key can unlock them—one that the hacker holds. 

Nasty for sure, yet you can take several steps that can greatly reduce the risk of it happening to you. Our recently published Ransomware Security Guide breaks them down for you, and in this blog we’ll look at a few reasons why ransomware protection is so vital. 

How bad is ransomware, really? 

The short answer is pretty bad—to the tune of billions of dollars stolen from victims each year. Ransomware targets people and their families just as explained above. Yet it also targets large organizations, governments, and even companies that run critical stretches of energy infrastructure and the food supply chain. Accordingly, the ransom amounts for these victims climb into millions of dollars.  

A few recent cases of large-scale ransomware attacks include:  

  • JBS Foods, May 2021 – Organized ransomware attackers targeted JBS’s North American and Australian meat processing plants, which disrupted the distribution of food to supermarkets and restaurants. Fearing further disruption, the company paid more than $11 million worth of Bitcoin to the hacking group responsible.   
  • Colonial Pipeline, May 2021 – In an attack that made major headlines, a ransomware attack shut down 5,500 miles of pipeline along the east coast of the U.S. Hackers compromised the network with an older password found on the dark web, letting the hackers inject their malware into Colonial’s systems. The pipeline operator said they paid nearly $4.5 million to the hackers responsible, some of which was recovered by U.S. law enforcement.  
  • Kaseya, July 2021 – As many as 1,500 companies had their data encrypted by a ransomware attack that followed an initial ransomware attack on Kaseya, a company that provides IT solutions to other companies. Once the ransomware infiltrated Kaseya’s systems, it quickly spread to Kaseya’s customers. Rather than pay the ransom, Kaseya’ co-operated with U.S. federal law enforcement and soon obtained a decryption key that could restore any data encrypted in the attack.  

Who’s behind such attacks? Given the scope and scale of them, it’s often organized hacking groups. Put simply, these are big heists. It demands expertise to pull them off, not to mention further expertise to transfer large sums of cryptocurrency in ways that cover the hackers’ tracks.  

As for ransomware attacks on people and their families, the individual dollar amounts of an attack are far lower, typically in the hundreds of dollars. Again, the culprits behind them may be large hacking groups that cast a wider net for individual victims, where hundreds of successful attacks at hundreds of dollars each quickly add up. One example: a hacker group that posed as a government agency and as a major retailer, which mailed out thousands of USB drives infected with malware 

Other ransomware hackers who target people and families are far less sophisticated. Small-time hackers and hacking groups can find the tools they need to conduct such attacks by shopping on the dark web, where ransomware is available for sale or for lease as a service (Ransomware as a Service, or RaaS). In effect, near-amateur hackers can grab a ready-to-deploy attack right off the shelf. 

Taken together, hackers will level a ransomware attack at practically anyone or any organization—making it everyone’s concern. 

How does ransomware end up on computers and phones? 

Hackers have several ways of getting ransomware onto one of your devices. Like any other type of malware, it can infect your device via a phishing link or a bogus attachment. It can also end up there by downloading apps from questionable app stores, with a stolen or hacked password, or through an outdated device or network router with poor security measures in place. And as mentioned above, infected storage devices provide another avenue. 

Social engineering attacks enter the mix as well, where the hacker poses as someone the victim knows and gets the victim to either download malware or provide the hacker access to an otherwise password-protected device, app, or network. 

And yes, ransomware can end up on smartphones as well.  

While not a prevalent as other types of malware attacks, smartphone ransomware can encrypt files, photos, and the like on a smartphone, just as it can on computers and networks. Yet other forms of mobile ransomware don’t have to encrypt data to make the phone unusable. The “Lockerpin” ransomware that has struck some Android devices in the past would change the PIN number that locked the phone. Other forms of mobile ransomware paste a window over the phone’s apps, making them unusable without decrypting the ransomware. 

Avoiding ransomware in the first place 

Part of avoiding ransomware involves reducing human error—keeping a watchful eye open for those spammy links, malicious downloads, bogus emails, and basically keeping your apps and devices up to date so that they have the latest security measures in place. The remainder relies on a good dose of prevention.  

Our Ransomware Security Guide provides a checklist for both. 

It gets into the details of what ransomware looks like and how it works, followed by the straightforward things you can do to prevent it, along with the steps to take if the unfortunate ends up happening to you or someone you know. 

Ransomware is one of the nastiest attacks going because it targets our files, photos, and information, things we don’t know where we’d be without. Yet it’s good to know you can indeed lower your risk with a few relatively simple steps. Once you have them in place, chances are a good feeling will come over you, the one that comes with knowing you’ve protected what’s precious and important to you. 

Introducing McAfee+

Identity theft protection and privacy for your digital life