Ransomware detection
How can you detect ransomware
Each year more and more computers become a victim of a ransomware attack. But how can you detect a ransomware attack before it is to late.
Ransomware is basically a computer virus that will encrypt all your user files (like Word and Excel documents) using a digital key. Without this key you will no longer be able to access your files and in order to get this digital key you need to pay a lot of money (and then hope you will get this key).
- Anti virus
An anti virus program checks all your files to see if it contains a specific sequence of code that is known to belong to some kind of computer virus.
The problem however is that ransomware virusses are created to target as many computers as possible on a certain date. Once this attack is over a new ransomware virus will be created and this new ransomware virus is different enough so that it wil not be detected by an anti virus program.
If however an anti virus program is able to detect a ransomware virus than it can be eliminated before any damage is done, but chances of detection are very slim.
- Honey jar trap
So in the most cases an anti virus program will not give you any protection at all because it simply will not detect the ransomware virus.
Using our program: Honey jar trap you can detect that a ransomware attack is happening on your computer.
Any ransomware virus that is in the process of encrypting your files will be detected by Honey jar trap. And by placing the trap on a strategic place and giving it a strategic name it is likely that when the trap springs most of your files are still OK.
You need to keep in mind that although a ransomware virus is a computer virus it operates differently. A regular computer virus will start immediately infecting other computer files. But a ransomware virus is much cleverer. It knows that you will try to restore your backups, so the first thing it will try to do is locate all your backup files and when it starts encrypting your files it will most likely start with these.
So when you start placing your Honey jar traps you should create a directory that holds the word backup (you do not have to use this directory for your backups) and both a regular user file and a backup file will be placed in this directory.
When any of these trap files are altered, the Honey jar trap program will detect this and report this to you (you may even set the program so that the computer will try to shut down).
The Honey jar trap program comes with a video showing and explaining how to use the program, it is not that complicated.