1
00:00:00,437 --> 00:00:02,510
Ransomware, if you've watched the news

2
00:00:02,510 --> 00:00:05,340
or you scrolled Facebook or you read the newspaper

3
00:00:05,340 --> 00:00:06,640
in the last year or two,

4
00:00:06,640 --> 00:00:08,890
you probably already know what ransomware is.

5
00:00:08,890 --> 00:00:11,270
Ransomware is a type of malware

6
00:00:11,270 --> 00:00:13,421
that restricts access to a victim's computer

7
00:00:13,421 --> 00:00:16,810
or their files until a ransom is received.

8
00:00:16,810 --> 00:00:20,070
That's right, someone is going to go break into your computer,

9
00:00:20,070 --> 00:00:22,660
encrypt your files or change your password

10
00:00:22,660 --> 00:00:24,511
or do something else to hold your system

11
00:00:24,511 --> 00:00:26,750
until you pay up.

12
00:00:26,750 --> 00:00:28,400
You may reboot your computer one day

13
00:00:28,400 --> 00:00:30,050
and you see something like this.

14
00:00:30,050 --> 00:00:31,710
Your computer has been locked.

15
00:00:31,710 --> 00:00:33,635
You have to pay a fine of $200

16
00:00:33,635 --> 00:00:35,700
and be able to pay it through Bitcoin

17
00:00:35,700 --> 00:00:38,660
using this link if you want to get access back.

18
00:00:38,660 --> 00:00:41,370
If you pay me, then I'll give you the secret unlock code

19
00:00:41,370 --> 00:00:43,600
and then you can put that in the little white box

20
00:00:43,600 --> 00:00:44,830
and hit okay.

21
00:00:44,830 --> 00:00:47,610
Now this is essentially blackmail and extortion.

22
00:00:47,610 --> 00:00:49,586
And often times, even if you pay up,

23
00:00:49,586 --> 00:00:52,136
they won't give you access back to the key.

24
00:00:52,136 --> 00:00:54,300
In the best case, they do.

25
00:00:54,300 --> 00:00:56,445
In the worst case, they've now taken your money

26
00:00:56,445 --> 00:00:58,750
and you've got nothing to show for it.

27
00:00:58,750 --> 00:01:01,270
In fact, experts now say, that it's better

28
00:01:01,270 --> 00:01:03,880
not to pay the ransom, because most of the time,

29
00:01:03,880 --> 00:01:06,406
you're not going to get the unlock code back anyway.

30
00:01:06,406 --> 00:01:08,770
Ransomware can be very painful.

31
00:01:08,770 --> 00:01:10,520
Especially if you have all your files

32
00:01:10,520 --> 00:01:12,520
and you don't have any back-ups of those.

33
00:01:12,520 --> 00:01:14,220
This is why, it's very important

34
00:01:14,220 --> 00:01:16,880
that you keep good back-ups of all of your systems

35
00:01:16,880 --> 00:01:19,194
and all of your files, so if you do become the victim

36
00:01:19,194 --> 00:01:22,560
of ransomware, you can simply roll back to an earlier time

37
00:01:22,560 --> 00:01:24,039
and restore from back-up.

38
00:01:24,039 --> 00:01:27,127
Now let's look at an example from 2018.

39
00:01:27,127 --> 00:01:29,830
Back in 2018, the City of Atlanta

40
00:01:29,830 --> 00:01:32,560
got infected with the SamSam ransomware.

41
00:01:32,560 --> 00:01:34,770
This started spreading across lots of their systems

42
00:01:34,770 --> 00:01:37,647
throughout the city, this ended up costing the city

43
00:01:37,647 --> 00:01:40,210
$17 million to fix.

44
00:01:40,210 --> 00:01:42,260
They decided they weren't going to pay the ransom

45
00:01:42,260 --> 00:01:44,601
but instead they had to spend six million dollars

46
00:01:44,601 --> 00:01:48,070
in services and contracts and software upgrades

47
00:01:48,070 --> 00:01:51,280
and another $11 million dollars in hardware upgrades.

48
00:01:51,280 --> 00:01:53,440
To be able to deal with this ransomware attack

49
00:01:53,440 --> 00:01:55,019
that was caused by SamSam.

50
00:01:55,019 --> 00:01:57,485
This makes this the costliest cyber-attack

51
00:01:57,485 --> 00:02:00,950
affecting a government in 2018.

52
00:02:00,950 --> 00:02:02,870
This was despite them not paying the ransom

53
00:02:02,870 --> 00:02:04,832
that was being demanded by the attackers.

54
00:02:04,832 --> 00:02:07,070
There are other examples out there too.

55
00:02:07,070 --> 00:02:09,140
Where hospital systems and patient records

56
00:02:09,140 --> 00:02:11,100
were being encrypted and held hostage.

57
00:02:11,100 --> 00:02:14,440
Or your personal family photos were encrypted in hostage.

58
00:02:14,440 --> 00:02:16,528
In any case, ransomware is going through

59
00:02:16,528 --> 00:02:19,536
and using some vulnerability in a piece of software

60
00:02:19,536 --> 00:02:21,353
to gain access to your machine

61
00:02:21,353 --> 00:02:22,956
and then encrypting your files

62
00:02:22,956 --> 00:02:26,130
and once they do that, you have no way to decrypt them

63
00:02:26,130 --> 00:02:27,600
unless you pay the ransom

64
00:02:27,600 --> 00:02:31,017
or you restore from a known good back-up.