Ransomware – What you need to know to protect yourself

Ransomware

For most computer users, a malicious form of code referred to as ransomware can be among the most frightening forms of computer infection. Imagine you’re online when suddenly, your screen is replaced by a message that appears to be from a law enforcement agency, demanding money, or a message saying your files are locked unless you pay a ransom to release them.

One particular example of ransomware, referred to as filecoders, is designed to extort money by encrypting a user’s computer files and demanding payment of a ransom (often through untraceable channels like Bitcoin) in order to access them. One of the most pervasive strains of this type of malware is called CryptoLocker.

Below are some helpful ideas that may benefit you, even if you’ve already become a victim.

Do not pay the money

No police force will lock your computer and demand money. The message on your screen is NOT from the FBI or any other law enforcement agency. Most IT security experts would advise you to not pay the ransom. Instead, if you can’t unlock it yourself, you should contact a computer professional. In some cases there may be nothing you can do, but an IT professional should be your first stop.

Yes, there have been cases where the victim paid the ransom and did get their files unlocked. However, do you really want to reward these criminals by paying them, trusting that they will do the right thing? What guarantee do you have that they have not left some code behind to infect you again in a few weeks? Would you pay again? Probably not.

Don’t be fooled into thinking that if you get past the lock screen, it’s “gone”.

It is sometimes possible to get past the lock screen displayed by some forms of ransomware. However, that does not mean you’re out of the woods. Your computer is probably still infected. You should either invest in anti-virus software or contact an IT professional for help.

Try to recover your files

Unless you have in-depth knowledge, you should contact an IT professional to help you deal with ransomware. However, don’t get your hopes up. There are several variants in play currently that use strong encryption which is nearly impossible to break.  In some cases, when the ransomware uses a weak cipher, or a faulty implementation, or stores the encryption password somewhere to be recovered, it may be possible to decrypt the files.  Unfortunately, in most cases, the attackers have learned to avoid these mistakes and recovering the encrypted files without the encryption key is nearly impossible.

Don’t download unlicensed software, music or movies

Websites and peer-to-peer networks offering free music, games or films are often infested with malware. In recent months, cybercriminals have been using Google searches to infect wannabe pirates with ransomware. Ordinary Internet searches lead people to sites that looks legitimate but are actually loaded with “drive-by” malware. Cybercriminals increase their chances of snaring traffic by using “black hat” Search Engine Optimization (SEO) tactics to push infected sites high up in Google results.

If you are backed up, you’re “safe” from ransomware.

These cybercriminals rely on one thing; that you keep unique, un-duplicated files on your PC. The best way to avoid this problem is to not give them that advantage. You wouldn’t keep your most precious valuables on the front seat of your car would you? No, you’d locked them in a safe or some other secure location. You should do the same with your computer files.  If you have your files backed-up, then the malware is merely a nuisance.  The importance of doing regular back-ups of your files cannot be recommended strongly enough.

Choose the right back-up solution for you.

For most users, a simple way to start “backing up” your files without delving into complex solutions is to use cloud services such as Google Drive, Amazon, Carbonite or OneDrive to store documents, music, videos and photos. Some of these services offer free versions, and can at least save some of the most personal files on your computer from being devoured by malware.

If you prefer to keep your files closer to home and out of the cloud, external hard drives with a terabyte of storage space cost less than $75 in 2015.

Preventing ransomware and malware infections

Avoiding ransomware is much the same as avoiding other types of other malware and viruses.

  • Always run a good antivirus utility and keep your Windows operating system and browser-related components current with the latest security updates.
  • Keep your browser clean to prevent adware invasions that could lead to malware infections.
  • Always, always, always be wary of any unexpected email attachments and spam. Ransomware like CryptoLocker often spreads via .zip files sent as email attachments.

Finally, just to beat this dead horse one more time… Always have a good backup system in place, just in case your PC does become infected and you are unable to recover your files. This one step is probably the most important thing you can do to protect the loss of your most precious information and files.