
Simple steps to protect yourself from modern malware threats.
Today’s technology landscape is beset with all sorts of dangers that users need to be wary of. Various viruses, worms, key loggers, and other malicious forms of software have plagued computer systems almost from the very advent of personal computing. In recent years, the threats have become increasingly more advanced and more prevalent. One of the more alarming trends is the development and increased appearance of a specific type of malware known as ransomware.
What Is Ransomware?
Ransomware is software that is covertly installed on a computer and either prevents access to the computer or encrypts the data stored on the computer, preventing it from being used. Ransomware’s purpose is to extort money from users by displaying on on-screen alert that requires payment prior to unlocking the system or unencrypting the data. Typically, $200-$400 is required in the form of virtual currency, such as Bitcoin, in order to release the infected system.
Where Does It Come From?
Typically, ransomware is spread through phishing emails (scam emails that appear to be from a legitimate entity) that contain malicious attachments. Opening the email and/or clicking on the attachment will then install the ransomware. Another method for spreading ransomware is via drive-by downloading, which occurs when a user unknowingly navigates to an infected website that then installs the malicious ransomware software. Instant messaging applications and USB flash drives have also been used to spread ransomware infections.
Why Is It Effective?
Ransomware is becoming more common because the authors have found it to be lucrative. Using fear and panic to their advantage, the malware’s purveyors create a situation whereby users often feel that they have no choice but to submit to the ransomware demands. Unfortunately, paying the ransom does not guarantee a resolution and clicking on any links or buttons also has the potential that additional malware will be installed.
What Do I Do About It?
While the threat of ransomware is increasing and the potential for data loss is real, there are actions you can take to avoid being held hostage by it. As is often the case, prevention is the best medicine and there are several measures that every computer user should take in order to protect themselves.
- Backup!
The importance of a reliable backup strategy cannot be overstated. If you have a recent backup, any potential data loss that comes from a malware infection will be minimized. A robust backup strategy includes regular and frequent automated backups to multiple locations. A copy of your backup should be maintained onsite as well as offsite. In addition, the ability to restore from the backup should be regularly tested. A backup you can’t retrieve data from isn’t of any use. - Antivirus Software
Running reliable up-to-date antivirus software with all of its protection capabilities enabled, including any heuristic scanning abilities, is a key part of preventing all malware, including ransomware. - Update Software
Install any updates available for your operating system, web browser, and other software. A large percentage of these updates are released to patch vulnerabilities that viruses and malware are designed to take advantage of. Closing those vulnerabilities will block the vector of attack. - Trust Nobody
Do not click on links in emails or instant messages, even it is from a friend or a trusted business source. Don’t open attachments from people you don’t know or unexpected attachments from known sources. The most common way to become infected by ransomware is through phishing emails. A phishing email is an email that is faked to look legitimate and they are becoming increasingly sophisticated. Emails from Amazon, UPS, eBay, and various banks are commonly faked in order to spread infected software. Even emails from friends have the potential to be dangerous if their computer or the computer of someone in their address book has become infected. In addition, be careful when browsing the internet and do not visit disreputable websites or download suspect software. Avoid clicking on any buttons or links within popup windows unless you are certain that they are legitimate.
- Backup!
What If I Am Infected?
It is not advisable to pay the ransom. Paying the ransom is no guarantee of restoring access to your data and opens you up to further exploits. Even more concerning, there is evidence that ransom payments are may be used to fund terrorism. If you become infected despite your best precautions, disconnect your computer from the internet immediately and contact a trusted and skilled computer support professional. Hopefully, you have a valid backup in case restoring files is necessary. If not, there is still a possibility that a skilled professional can remove the infection. Paying the ransom will only encourage the extortionists and make you a target for future attacks.