Ransomware – How does it happen?

In 2013, a new shadow business emerged on the Internet, and it is now costing consumers and businesses alike hundreds of millions, if not billions of dollars every year. That business model is pretty simple: Infect computer systems and encrypt the data that resides there, then demand a ransom to obtain a key that will decrypt the data. Thus, the common name: Ransomware.

That’s the basic concept. The specifics of how ransomware viruses work is of course much more complicated. There are three primary ways that a computer can become infected with a ransomware virus, also known as Cryptolocker virus:

  • Infected email attachment
  • Infected web site
  • Hacking event
Most ransomware viruses are smart enough to look at all drives on a computer, including external USB drives and network shares that are mapped to a drive letter. Having a local backup to an external drive is great, but if that drive is plugged in when your computer is infected with a ransomware virus, it will be encrypted as well, rendering your local backup useless.



Most computer users these days understand the risks associated with email and file attachments. However, you might not realize that when we refer to an “Infected website”, we aren’t necessarily referring to a specific page or website that has a virus – it’s much more complex than that. Nearly all sites today have an enormous number of external references to other pages and sites. This is known as cross-site scripting (XSS).

For example, these references will reach out to other pages to display advertisements on a page you’re looking at. The reference is fine, but there could be a malicious code embedded in the advertisement itself – or the code for the advertisement could also refer out to even other pages. This is much more common than most people realize.

A hacking event is exactly what it sounds like. Computer hackers spend their days looking for systems to attack. When they find a system that responds to a “hello?” query, they attack that system with scripts that will try tens of thousands of login and password variations. This is by far the most common type of hacking attack for the simple reason that it’s very easy to perform and it produces results. If your name is John Smith and your password is “password”, you’re in trouble.

The sad truth of the matter is that if your computer is infected with a ransomware virus and you do not have a current backup, you will be forced to pay the ransom, which isn’t always an option. If for whatever reason, you cannot pay the ransom for the key to decrypt your files, they are forever out of your grasp.

In this day and age, a reliable Cloud Backup service is the primary method to ensure that your important files and documents are protected. And the good news is that PC Pulse can help protect against ALL of these threats!

Ransomware Protection