You may have noticed that something called ransomware has been making headlines a lot lately. Although this form of cybercrime has been prevalent since 2005, the past few months have seen a rapid rise in cases. Starting in 2013, Cryptolocker, and more recently Cryptowall, have proved to be too much for authorities to handle.
The recent rash seems to have its epicenter in eastern Europe and Russia, with teams or individuals targeting those in the West, particularly the US and UK. Having initially targeted mainly individuals, those launching the attacks have now incorporated attacks on bigger fish as well. Small businesses, local law enforcement, and large enterprises have all fallen victim to ransomware attacks.
So what is a ransomware attack? It’s when a program makes its way onto your computer and begins encrypting files, usually commonly used file types like those associated with Microsoft Office, Adobe, media players and photo viewers. Once this program has started to take control of your computer, you will see a popup message, sometimes claiming that your computer has been locked by the FBI or some other federal agency, and stating that the only way to retrieve your files is to pay a ransom (get it: ransomware) of anywhere from $200 to $10,000 or more.
So what makes ransomware attacks so successful? One reason is the way they infiltrate the target system. Ransomware is able to get onto your computer in several ways: clicking an infected advertisement, opening a link in an email, and, most commonly, downloading an email attachment. Furthermore, the recent ransomware programs are robust. Cryptolocker and Cryptowall continue to stay ahead of the game by releasing updated versions. The encryption used is so robust, in fact, that authorities have yet to crack it, leading even the FBI to tell victims to just pay the ransom amount.
However, there are several things you can do to avoid being targeted and to mitigate the damage if you do fall victim to this type of cybercrime.
Protecting Yourself From Ransomware
- The easiest way to get around a ransomware attack is to back up your data to a backup service on a regular basis. This means that should your machine become infected, you can access your files after cleaning up your machine. Backing up locally will also allow you to simply restore your computer to an earlier point. However, sometimes Cryptolocker and Cryptowall are able to attack those files as well. Another way to back up your system is to put your important files on an external hard drive. But using this method still leaves your files exposed, as Cryptolocker and CryptoWall will affect any mapped drive, such as an external hard drive that shows up as a letter (D:, E:, etc.). So if you use this method, be sure that you unplug the external drive when you are not backing up your data.
- Another easy trick that many users neglect is staying up to date on patches and updates for their software. Software companies naturally want their product to be as secure as possible, so once a vulnerability is found they tend to fix the problem quickly. Just be sure to enable automatic updates or visit the manufacturer’s website to stay on top of updates and patches.
- Use a trusted security program. This, again, is a no-brainer for most users. Not only will it detect malware, but it will also help with ransomware, although Cryptowall and Cryptolocker are particularly good at avoiding these. Still, having a reputable security suite like Malwarebytes in your arsenal should help you remove the ransomware, but not recover files. Plus, having a good security routine will help avoid computer-induced heartache down the road.
- For email filtering, you can choose to disregard received emails that have an attachment with a .exe (executable) file extension. If you do need to transfer a .exe file, you can receive it another way, like zip files or cloud services like Dropbox.
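
One way to apply the .exe rule from the last tip, as an added example that is not part of the original article: a Python check that walks every part of a message and flags attachments whose names end in .exe, including double extensions such as `Invoice.pdf.EXE`. The function names, addresses and sample message are constructed for illustration.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# The article names only .exe; the tuple makes the rule easy to extend.
BLOCKED_EXTENSIONS = (".exe",)


def is_blocked(filename: str) -> bool:
    """True if the attachment name ends in a blocked extension."""
    # Windows ignores trailing dots and spaces in file names and treats
    # names case-insensitively, so "A.EXE. " still opens as "a.exe".
    normalized = filename.rstrip(". ").lower()
    return normalized.endswith(BLOCKED_EXTENSIONS)


def blocked_attachments(raw_message: str) -> list[str]:
    """Return the names of all attachments in the message that are blocked."""
    msg = message_from_string(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():           # visits nested multipart sections too
        name = part.get_filename()    # None for body text and containers
        if name and is_blocked(name):
            hits.append(name)
    return hits


def build_sample(filenames: list[str]) -> str:
    """Construct a test message with placeholder attachments (not real mail)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for name in filenames:
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_string()


if __name__ == "__main__":
    sample = build_sample(["report.docx", "Invoice.pdf.EXE", "notes.exe.txt"])
    for name in blocked_attachments(sample):
        print("quarantine:", name)
```

The check looks only at each attachment's own name, so a .exe sent inside a zip file, the alternative route the tip suggests, is not flagged by it.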
If you still find yourself a victim of ransomware, most experts (though not the FBI) agree that it’s best not to pay the ransom. The latest surveys suggest that the owners of only about 3% of infected machines actually pay the ransom. But that didn’t stop criminals from walking away with at least $18 million in 2014 (which might actually be closer to $325 million due to unreported incidents), including from a police department in Maine that got hit up for $300.
Also, a general practice for avoiding all types of malware and ransomware is to avoid opening unexpected or unfamiliar emails. As a last resort, if you suspect you clicked a dangerous link, you can quickly turn off your WiFi or unplug your Ethernet cable, which may prevent the malware from being fully implemented on your computer.
In any case, following the above steps will at least give you a course of action should your machine become infected. But having common sense and a little suspicion of strange activity will go a long way as well.
If you take your privacy as seriously as we do, then you should follow @LiquidVPN
You can follow the author @FreelanceTony