How To Explain Ransomware To A Five-Year-Old

The definitive definition of ransomware from the experts for the kids (and adults, too)

Jon French, security analyst of AppRiver

“As an illustration, it’s as if I’ve taken your favourite teddy into the woods and tied him to a tree. Now, you have two choices – you can give me all your pocket money, and I’ll give you a map telling you where teddy is, or you can ignore me and teddy will stay tied to a tree FOREVER! mwahahah!”

Andrew Tang, service director, security, MTI

“Imagine that your house is like a computer and your toys are the games on the computer. Ransomware is like a stranger coming into your house and hiding all of your toys so you can’t find them. The stranger will ask for money to tell you where your toys are, but if you don’t pay, you will never see your toys again. If you pay the money, the stranger might give back your toys, but they might also leave the toys hidden anyway. To stop the stranger from hiding your toys, you need to stop the stranger from coming into your house, or you need to ask a grown up to find the stranger before they can hide your toys.

“Just like keeping your toys safe, to stop the ransomware from entering a computer, or to find any ransomware on your computer, you would use anti-malware or anti-virus software.”

teddy bear on treeKeith Bird, Check Point UK MD

“In the 1700s, highwaymen used to rob valuables from stagecoach passengers with the threat: ‘Your money or your life’. Now, cybercriminals are the equivalent of highwaymen, using computer malware that’s known as ransomware to demand ‘your money or your files’.

Ransomware infects PCs and networks when employees open a malicious attachment in an email, clicking on a deceptive pop-up, or simply visiting a compromised website. The ransomware then scrambles data on the PC or server, so users can’t access it. Having locked users out of their data, the criminal demands that a ransom is paid, or the files will remain locked forever. These attacks have grown very popular over the past two years. One of the first big ransomware attacks, CryptoLocker, spread to over 530,000 machines worldwide, and Sony Pictures was recently hit with a ransomware attack too.”

Charlie Svennson, security consultant at Sentor

“Ransomware is a piece of software that you are tricked into installing on your computer, perhaps by being sent a link in an email that you click on, or by opening up an infected document that also then installs the ransomware on your computer. Once you’ve been infected by it, the malware will start searching for important files on your computer’s hard-drive, file shares and or even in your cloud storage. Once located, these files will be locked (using very high-grade encryption algorithms) so that you can’t access your own files. After locking your files, the malware is then designed to make you an offer along the lines of ‘Buy the secret key required to decrypt your information for only $500’. Ransomware is designed by criminals to extort money from people.

“Luckily, there is an easy defence against ransomware. Make backups of your system and have several copies of your data, stored safely and separately from your computer.”

David Emm, principal security researcher at Kaspersky Lab

“Someone (you don’t know who) has sneaked into your house and locked all your toys in an indestructible toy-box. They won’t let you have the key unless you put all your pocket-money in an envelope and leave it on the doorstep for him. If you don’t pay, you’ll lose all your toys forever! And even if you do pay, they still might not give you the key!

“That’s ransomware. Except that it’s not your toys but everything on your computer. Now imagine that your mum has a spare copy of all your toys which she keeps in a cupboard at grandma’s house. Now there’s no problem! You still get to play and you keep your pocket-money!

“That’s what a backup is: you keep a spare copy of all your computer files on a USB drive or CD or DVD.”

James Tomlinson, channel manager, Northern Europe, Comodo Group

“Ransomware is a nasty piece of software which holds your computer hostage until the hackers that gave it to you have either got what they want, which is probably your money or your personal information, or until you get rid of it from your computer. This is usually done by taking the computer back in time to before the ransomware was installed.

“You would normally pick up ransomware by downloading something from the internet, like a game or file. The ransomware will then load onto a computer once you have opened the file and it will then lock your files up and throw away the key. Only the hacker knows where the key, is meaning that in order to get rid of the ransomware, you only have two options. Give the hackers what they want, or take the computer back in time.”

Ian Trump, security lead, LogicNow

“Bad people want to take over your computer and use if for bad things. They do this by building bad programs and tricking people into downloading them. The bad people want to get your parents’ information to steal money – just like robbers – only on the computer. One thing they do is really mean. They lock out the computer – so no one can use it. The bad guys say to give them money to unlock it – this is why it’s called ‘ransom’ ware. If you don’t pay them they will erase everything, forever. Sometimes people pay them – the bad people may not unlock it, they might want more money.

“You can help your parents! Tell them to backup their files to a USB stick. Tell them to be careful when opening email or clicking on links. You can tell them to patch and update the computer. If you tell them these things, you just might save them from the bad people.”

Guy Bunker, CTO at Clearswift

“Ransomware is a type of computer virus which stops you using your computer normally until you pay its maker a fee to remove it. It may lock you out of your computer, scramble all your files and take them hostage, or stop you from using certain programmes. It usually gets on your computer through downloading attachments in emails or from the web.

“For individuals the ransomware might demand relatively small amounts of money, but for international businesses they can demand millions. The most recent known and widely used ransomware was called Cryptolocker back in 2013. Cryptolocker asked for money within a certain time or threatened that infected computers would lose their files forever. It also stole passwords. Viruses like this put the victim under a lot of pressure so it can be quite an effective attack.

“By being vigilant and making sure you have the right filters on your computer, you can capture most of these viruses and protect your files. Ransomware is like bullying, you should never give in to it, and you should always tell someone else – as they will be able to help.”

James Lyne, global head of research, Sophos

“Ransomware is malicious code that may be silently installed on your computer by cyber criminals. Once there is starts locking all of your files using encryption (a way of making data so only certain people can read it) and a password you don’t have. At the end of the process you, the owner of the computer, can’t access any of your files and the cyber criminals demand money to unlock them again. They quite literally hold your own data to ransom until you pay!”

Andy Settle, chief cyber security consultant and head of practice at Thales UK

“I have just put a very strong lock and chain on your box of toys. If you want to see the toys ever again then you will need the key for the lock. To get the key you are going to have to give me all your sweets.

“You know your favourite story book? I’ve scribbled over all of the words with a pencil! I also have a rubber which can rub all the pencil away and let you read it again. But you will have to pay me for the rubber – how much pocket money do you have? And even though I will sell you the rubber – I don’t promise that it will work.”

Jason Hart, VP Cloud Solutions at SafeNet

“Ransomware is a type of malware that someone puts into another person’s computer, tablet or mobile phone which stops them from being able to use it. The person then asks that they pay them money in order to use it again. The person might lock the whole tablet, or just some apps within it. If you think about it in the playground at school: A bully might take your dolls’ house and decide not to give it back to you until you give them your sweets in return, whereas another might just take some of the dolls from your house and ask for sweets too. It’s the same case with ransomware in a computer.”

Alexandru Catalin Cosoi, chief security strategist at Bitdefender

“We’ve had a couple of organised visits at Bitdefender HQ in recent of years. At first, I thought that explaining malware, cloud security and social media scams to young children would be more difficult than getting my PhD, or coding patented software.

“In fact, it wasn’t. Children nowadays are aware of many internet concepts including securing your passwords, online banking and viruses. In addition, some had already studied computer science as an optional class, and were very familiar with computers, tablets and smartphones.

To explain ransomware, I told them a story with characters they may relate to: “Do you remember when an older child took your toys, and said you will get them back if you give him your pocket money? This is what ransomware does to computers. Hackers hijack users’ files, personal pictures and other data, and promise to let them loose after victims pay a fine. Ransomware hackers are smart bullies, and often lie, telling you that they are the Police. They say the computer had been used for illegal activities, such as stealing software.”

How much do you know about Internet security? Take our quiz!