Ransomware! Sounds scary doesn’t it? What exactly is ransomeware and how can we protect ourselves from being a victim?
ran·som
/ˈransəm/
a sum of money or other payment demanded or paid for the release of a prisoner.
How does it work?
Ransomware is designed to exploit a vulnerability in your computer. That vulnerability can be a programming error in your operating system, or it can be human error. From the hackers stand point, if they are unable to breach your network it may be easier to breach you. Once the virus is on you computer it gets busy encrypting your files with a very strong encryption method. A code that would take thousands of computers hundreds of years to break. The ransomware is careful not to tip you off that its working so hard ruining your day. It only encrypts your data, methodically moving through your hard drive scrambling Office documents, photos , videos and finally PDF files and other popular file formats. The software ignores the operating system and leaves the computer fully operational.
Once the deed is done and the software is sure your files are locked up tight it will present you with a ransom notice. Usually requesting an amount of money that you will feel, but not an excessive amount that will have you stealing from the kids college fund. At under $500 it may seem like a bargain to get your data back. Don’t do it! Don’t pay the ransom. Protect your computer now with a few easy steps.
How can I protect my files?
DON’T GET INFECTED IN THE FIRST PLACE
- First off be smart when using your computer, much of the malware that infects our computers is let in by us. We are inquisitive by nature and the gratification we get by clicking on an intriguing email is very tempting. Always be on the lookout for phishing messages.
Related Reading: 6 Simple tips to AVOID email phishing scams!
- Keep your virus protection software up to date. Most modern virus protection not only can scan your hard drive for bad stuff, but will also keep an eye on emails and even scrub the web pages you are surfing. I did some research and Webroot Security seems to be getting some very high marks and is reasonably priced at around $30.00
- Patch, Patch, Patch your workstation! If Microsoft says its time for a patch make sure you take the time to apply the patch, and reboot. Better yet, set you workstation to patch automatically at 3am. Keeping the operating system up to date is a key item in preventing malware infections.
- Operating systems become obsolete over time and need to be replaced with the updated versions. Microsoft is very clear regarding when they will drop support (patches) for each version of Windows. Based on your computers age and hardware specifications you should make a plan weather to upgrade the operating system or to fully replace the PC before the end of life date specified by Microsoft. (Click the image blow to see end of life dates)
I’M INFECTED! WHAT DO I DO NOW?
There are times when you are unable to avoid an infection, maybe a reputable website that you visit frequently had its web server compromised to inject malicious code into your computer. Maybe you just messed up and clicked! No matter what the case you are already prepared for this so no big deal.
Restore from an “AIR GAPED” local backup
Make frequent backups of your computer to some type of external storage or hard drive. I like these Western Digital My Passport drives because they are reliable yet inexpensive $59 to $119 at Amazon
Ransomware is growing smarter every day. It is important to disconnected the drive from your workstation, otherwise the virus will find and encrypt your backups too! This is know as an air gaped device since there is “AIR” in between the device and your workstation preventing the infection.
RELATED READING: Data you don’t have two copies of is data you don’t care about!
Use a cloud backup service with version control
Cloud backup services can help protect your data, but you need to make sure the service you use offers version control. A simple “SYNC” service such as Google Drive or Dropbox is not going to help. Once infected the sync backup service will begin syncing your newly encrypted files out to the cloud destroying any chance of recovery.
Services like Crash Plan and Carbonite offer version control of your backup files giving you the ability to restore from previous backups. This is important because you need to recover the files pre-infection.
The ransomware writers give a lot of thought coming up with new ways to harm our computers and steal our data and money. You should give some thought regarding protecting yourself. Can you answer these two questions.
Is your computer protected from a malware infection?
If you are infected would you be able to recover?
If you need help or have a question, please comment below.
Thank you for reading my blog,
Joe