Get the facts on ransomware and how to protect your computer files from being targeted by hackers.
Ransomware is a form of dangerous and malicious malware that has the ability to infect and lock files on a computer using data encryption. Encryption is a common method used by ransomware to deny a user access to their files; once encrypted, hackers responsible for the ransomware will demand money from the user in exchange for unlocking their files.
The ransom is usually demanded in an untraceable currency (ex. bitcoins) and the value of each ransom can vary from each incident, from $500 to as much as $800,000. Some ransoms even include time limits where the amount can double if the ransom is not paid within a certain amount of time.
So how can users protect themselves from a ransomware attack?
Where Is Ransomware Found?
- Email attachments, software downloads, applications from sites can be infected with ransomware
- It is important to be on the lookout for any emails coming from suspicious or unfamiliar contacts
- The legitimacy of some emails and software is incredibly high so users should be cautious and confirm any emails or software they are unsure about prior to opening or downloading them
- These emails can come from seemingly credible sources but are in fact fraudulent. For example:
- Website ads can be points of malware infection. If selecting an ad, do so on an iPad or mobile phone and check legitimacy before using it on your computer
What Types of Computers Are Being Affected?
- While originally targeting PCs and Windows computers, Apple has recently experienced their first ransomware attack
- As of March 2016, Mac computers were susceptible to Ransomware through a defective version of Transmission, a program used to transfer data through peer-to-peer file sharing
- Any user who downloaded Transmission 2.90 found their Mac computers infected with a type of ransomware called “KeRanger”
What Precautions Should I Take to Protect My Computer?
- Perform regular backups on your files to an external hard drive (one not connected to your computer or Cloud backup) so you always have a clean copy of the files to work from should you system become infected
- Ensure that your virus protection software is up-to-date, however anti-virus programs should not be solely relied on for protection
- Do not open any unfamiliar or suspicious emails, documents, or attachments
- Avoid clicking on web ads
- Lock down the computer to prevent application installation
If Your Computer Does Become Infected…
- The infected computer should immediately be shut down and disconnected from its internal network so that other computers, if any, on the network will not be affected
- While you cannot obtain your locked files you can remove the malware from your computer
- A user should wipe their computer, change their password, and update/install a commercial antivirus software program to ensure that their computers will be fully protected
- If you have externally backed-up your files, you can reinstall the uninfected files from the backup
While paying the ransom is one way to regain control of your computers and files, it is not recommended as it provides the funding for the next piece of ransomware.
Users who have paid the ransom are said to receive a key that will decrypt their files. This does not always happen, resulting in the hacker keeping your files and obtaining your money. If a key is forthcoming, the decryption process could take a significant amount of time. While the user might regain use of their files they become more vulnerable to subsequent malware attacks.
Ransomware is the most prevalent threat that can cause serious damage to your data. By employing best practices such as backing-up your files regularly and keeping your antivirus software up to-date, and being mindful of suspicious emails or software will allow you to keep your files safe from any external threat.
References for this article:
Courtney Rosebush is a Marketing and Sales Coordinator at Triella, a technology consulting firm specializing in providing technology audits, planning advice, project management and other CIO-related services to small and medium sized firms. Courtney can be reached at 647.426.1004 x 227. For additional articles, go to www.triella.com/publications. Triella is a VMware Professional Partner, Microsoft Certified Partner, Citrix Solution Advisor – Silver, Dell Preferred Partner, Authorized Worldox Reseller and a Kaspersky Reseller.
© 2016 by Triella Corp. All rights reserved. Reproduction with credit is permitted.