by Larry Magid
This post first appeared in the Mercury News
It can happen to anyone. Suddenly you can’t access the files on your computer or you may be completely locked out of the machine. And then you got a message from a hacker, demanding a payment to unlock your data. They may ask for cryptocurrency (like Bitcoin) or for gift cards, because there is no way to cancel or easily trace those transactions.
A ransomware attack can encrypt data or lock you completely out of your device. It can also be used as a form of blackmail or extortion if the hacker finds something that they think may embarrass or incriminate you. Although victims are often large companies or public agencies, it can affect small businesses or people at home.
Ransomware, according to the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA), “is commonly delivered through phishing emails (usually disguised to appear to come from a legitimate source encouraging you to click on a link) or via ‘drive-by downloads that automatically download malicious software when you visit a malicious site. Such downloads, says McAfee security, “usually take advantage of (or “exploit”) a browser, app, or operating system that is out of date and has a security flaw.
There are ways to help prevent drive by downloads and make it a lot easier to recover if you are victimized. These include making sure that your device’s operating system and all your software — especially your browsers — are kept up to date with the most recent security patches. Both Windows and Macs should update or notify you about a necessary update automatically, but both enable you to manually check, which is a good idea. For instructions on how to update operating systems for Windows, Macs, iPhones, and Android, visit ConnectSafely.org/updates.
It’s important to use antivirus software. Windows comes with Microsoft Defender, which is actually very good. Other antivirus programs from Norton LifeLock, McAfee and Trend Micro offer some additional features and protections for smartphones.
Be very careful before clicking on any links in email, even if the sender is someone you know. They could be leading you to a malicious site. The same is true on social media or if you see a link on a site that you’re not familiar with. If you get an email that appears to come from your bank or other trusted source, check with them before clicking on a link or access the company’s website directly from your browser rather than clicking.
Backing up is an essential protection
To me, the most important thing you can do is to always have a backup of all your data so — even if there is a ransomware attack, you can recover your data without the aid of the criminals. I take a “belt-and-suspenders” approach. I use a cloud backup and synchronization service that automatically backs up files as they’re created on the Dropbox’s servers so, even if something happened to my PC or even my house, the data is safely stored off-premise. Microsoft, Apple and Google also offer cloud services which – in some cases — are free or bundled with other software (like Microsoft Office).
I highly recommend an external backup drive or high-capacity thumb drive with software that automatically backs up your files. I like the convenience of having the backup in-house but would never rely on this as my only solution because it’s vulnerable to theft, damage and being hacked if my PC is hacked. As an extra precaution, consider copying your most important files to a thumb drive and storing it in a fireproof safe or away from your house — perhaps at a good friend or relative’s house.
Invest $35 in a thumb drive
I can’t overemphasize the importance of having a backup. You can replace objects and software, but not precious memories or important documents stored on your machine. You can buy high-capacity thumb drives — likely big enough for all your data — for as little as $35. You’ll find some at tinyurl.com/bigthumbdrives.
If you are a victim
The FBI “does not support paying a ransom” and points out that paying doesn’t necessarily mean you’ll get your data back, plus it “encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.” They recommend you contact your local FBI field office plus you might want to contact your local police department. It’s always important to report crimes, but it’s very unlikely that the police or FBI will be able to recover your data.
In a Forbes post, author Wayne Rash recommends that you “record the details of the ransom note that appears on the screen. You may need to take a photo with your phone.” It could help in recovery and may be useful to law enforcement.
There are products that claim to help you recover from ransomware, but they’re mostly aimed (and priced) for large organizations, and they may not work. As a consumer, your best protection is prevention and — I’ll say it again — backup of all your data to an off-premise cloud service and a drive, CDs or DVDs that aren’t connected to your PC. However, nomoreransom.org reportedly has free tools that are worth a try.
As a consumer, your best protection is prevention and — I’ll say it again — backup of all your data to an off-premise cloud service and a drive, CDs or DVDs that aren’t connected to your PC.