David Papp Blog

How Safe Is Your Data From Ransomware?

It announces its presence with a giant screensaver declaring that ALL your files are completely locked up. And in 72 hours the perpetrator will throw away the key.

Or you suddenly view a “surveillance” webcam-selfie with an official warning that you’re wanted by the FBI.  A message demands payment of a fine if you ever want to use your computer again.

Welcome to Ransomware

Ransomware is a newer form of cyberattack that can:

  • encrypt your files
  • freeze your computer screen
  • storm you with pop-ups
  • and literally hold all your precious data for ransom.

It vows to return everything to normal after you pay up.  But of course, it’s run by criminal cyber gangs, and they don’t necessarily keep their promises.

The malicious software typically enters computers via an email link or attachment.  According to Symantec, the number of emails blocked because of sketchy attachments has increased this year.  And ransomware has been linked to a series of email scams.  Some have involved emails claiming to be from major airlines, and others had “complaint letter” subject lines.

Ransomware can be much, much worse than a BSOD (Blue Screen of Death) …  It’s stressful for everyone and can paralyze a business.

Who is at risk?

Anyone running a PC is at risk.  Although some malware targets Apple and Linux users, they’re in the minority.  Windows users need to be the most vigilant.

And just because it hasn’t happened to your friends yet, it doesn’t mean you’re not at risk. In fact, even with the infamous ransomware Cryptolocker shut down, there are new forms popping up in the most everyday places. Education, government organizations, private businesses, and healthcare providers have all been struck over this past year. In two notable cases, the Hollywood Presbyterian Medical Center even shelled out the ransom – $17,000 in bitcoin – to get their files back and maintain full service (they had to reroute emergency calls in the meantime), and the University of Calgary paid $20K to help recover critical research work.

The list of malware includes Cryptowall, Tescrypt, Fakebsod, Crowti, DirCrypt, Locky, Matsuu, and more. New hackers (actually, hackers are white hat – we should say “crackers”) are constantly finding new ways to make money while causing big headaches and bringing work projects to a halt.

According to BitSight’s 2016 report examining the cybersecurity performance of nearly 20,000 companies, ransomware cost more than $200 million in damages in the first three months of 2016 alone.

How do you know you’ve been hit?

Typically, a screen will lock onto your computer and you can’t get rid of it. ALL your files could be encrypted on anything that was attached – this includes your USB drives and external drives you forgot to remove after your last backup. In milder cases, you may retain partial access to your system and spend the afternoon trying to dodge a barrage of pop-ups. Either way, it’s not pretty.

So what do you do if you think you’ve been hit?

  • First, don’t panic.
  • Second, don’t pay –  you’ll only encourage them.  And you already know they’re dishonest.  What makes you think they’ll actually give your files back?
  • Third, talk to someone you know and trust or find a well-recognized authority to help.

The best possible thing you can do is prevent yourself from getting hit by this in the first place.  

Take these 8 steps to avoid becoming the next victim

  1. Protect your computer with antivirus software and update it regularly
  2. Use ad blockers and pop-up blockers like Google’s Adblock and Adblock Plus
  3. Don’t open attachments in emails from people you don’t know – and even from people you do know if something looks “phishy”.
  4. Use your firewall
  5. Get patches and run updates on your software to get the latest fixes for bugs and security holes.
  6. Don’t do careless things – like downloading premium software from questionable sites.  Buy what you need from a reputable vendor.
  7. Create titanium-strength passwords
  8. Back up your files to a removable hard drive (and then remove it).

The last is the most important. Although there are companies that claim to be able to rescue your files, the fact is that much of this new software is particularly insidious. If hit, you may have to do a deep clean of your hard drive and start completely from scratch.

On the other hand, if you back up your files daily – or even weekly – as part of your office routine, you’ll be in a better position to face this menace in case it ever finds you.