Are you aware of malicious software known as ransomware? Since the beginning of this year ransomware attacks have been on the rise and they’re nasty. Ransomware will encrypt all of the files on your computer. You won’t be able to access any of them and you will be prompted to pay a ransom to unlock all of your data. The ransom varies but, it’s commonly in the range of $200 - $400. To top it off, if you pay these crooks, there is no guarantee they will unlock your computer. Paying them is not advised in any situation. Once your computer is infected, there is nothing you can do to unlock it. The only real choice you have is to wipe your hard drive clean and start over from scratch. Yes, in the process you will lose everything on your computer.
Recent attacks have been so nasty, that the United States and Canada issued a joint cyber alert on Thursday March 31, 2016. A link to the U.S. Department of Homeland Security cyber alert can be found at the end of this post for more information. For now, let’s take a look at some of the highlights:
How does Ransomware happen?
“Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and then malware is downloaded and installed without the user’s knowledge.”
Department of Homeland Security
Ransomware may lock up your entire screen prompting you with a message to make you panic and give in to their demands. The U.S. Department of Homeland Security provided these few examples:
“Your computer has been infected with a virus. Click here to resolve the issue.”
“Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine.”
“All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data.”
Please remember, paying the ransom is not advised. According to the U.S. Department of Homeland Security, “paying the ransom does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information. In addition, decrypting files does not mean the malware infection itself has been removed.”
How can I protect myself against Ransomware?
Backup all of your files onto an external hard drive. Once your backup has completed, safely disconnect the external hard drive from your computer. If the external hard drive is still connected to the computer, ransomware can infect and lock up the external hard drive as well.
Use application whitelisting to help prevent malicious software and unapproved programs from running. Interested in application whitelisting? Check out this article from howtogeek.com. The article explains the Family Safety feature in Windows 8. Instructions will be similar for Windows 10 and they note how to get this feature for Windows 7.
Update your operating system and software to the newest version. Staying current reduces your risk of an attack.
Have anti-virus software installed on your computer and make sure it is up to date. When downloading files from the Internet, scan the downloaded files before you open them to check for malware. In addition to anti-virus software, get anti-malware software such as Malwarebytes.
Restrict user permissions from installing and running unwanted software, and apply the principle of “Least Privilege” to all systems and services. This may prevent malware from running or limit its ability to spread through the network.
Avoid enabling macros from email attachments. Enabling macros will activate the malware installation coding to run.
Don’t click on links in unsolicited emails. Be careful when clicking on any links in an email, even from people and organizations you know. Crooks have gotten very good at making their email scams look very professional.
Take precautions to protect yourself from ransomware. Back up your files as soon as possible. Losing all of your data will be devastating. I highly recommend you look over the official cyber alert from the U.S. Department of Homeland Security for more information by clicking the link below:
Click here to read the cyber alert