Tips for preventing ‘ransomware’ attack
A friend called last week in desperation. Her husband responded to a “ransomware” demand that he pay $3,000 to unlock data on his computer that was encrypted by the
hacker. He was told to pay in gift cards and, unfortunately, he complied. He was then given instructions to provide access to his machine to the hacker so that they could go in and give him back access.
He never got that access and his wife called me concerned that the hacker could once again access that machine.
She was right to be concerned because, once a hacker gets inside your PC, there is no telling what malicious software they might have planted that could result in further ransomware attacks or their getting access to your personal information.
One reason they asked for gift cards is because there is no way to cancel the payment once the card information is transferred. Ransomware thefts sometimes ask to be paid in cryptocurrency, like Bitcoin, which is much more difficult to trace than other forms of electronic payment.
A ransomware attack can encrypt data or lock you completely out of your device. It can also be used as a form of blackmail or extortion if the hacker finds something that they think may embarrass or incriminate you. Although victims are often large companies or public agencies, it can affect small businesses or people at home, as my friend sadly discovered.
Ransomware, according to the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA), “is commonly delivered through phishing emails ( usually disguised to appear to come from a legitimate source encouraging you to click on a link) or via ‘driveby downloads that automatically download malicious software when you visit a malicious site. Such downloads, says McAfee security, “usually take advantage of (or “exploit”) a browser, app, or operating system that is out of date and has a security flaw.
There are ways to help prevent driveby downloads and make it a lot easier to recover if you are victimized. These include making sure that your device’s operating system and all of your software — especially your browsers — are kept up to date with the most recent security patches. Both Windows and Macs should update or notify you about a necessary update automatically, but both enable you to manually check, which is a good idea. For instructions on how to update operating systems for Windows, Macs, iPhones, and Android, visit ConnectSafely.org/updates.
It’s a very good idea to use antivirus software. Windows comes with Microsoft Defender, which is actually very good. Other antivirus programs from Norton LifeLock, McAfee and Trend Micro offer some additional features and protections for smartphones.
Be very careful before clicking on any links in email, even if the sender is someone you know. They could be leading you to a malicious site. The same is true on social media or if you see a link on a site that you’re not familiar with. If you get an email that appears to come from your bank or other trusted source, check with them before clicking on a link or access the company’s website directly from your browser rather than clicking.
Backing up is an essential protection
To me, the most important thing you can do is to always have a backup of all your data so — even if there is a ransomware attack, you can recover your data without the aid of the criminals. I take a “beltand-suspenders” approach. I use a cloud backup and synchronization service that automatically backs up files as they’re created on the Dropbox’s servers so, even if something happened to my PC or even my house, the data is safely stored off-premise. Microsoft, Apple and Google also offer cloud services which — in some cases — are free or bundled with other software (like Microsoft Office).
I highly recommend an external backup drive or high-capacity thumb drive with software that automatically backs up your files. I like the convenience of having the backup inhouse but would never rely on this as my only solution because it’s vulnerable to theft, damage and being hacked if my PC is hacked. As an extra precaution, consider copying your most important files to a thumb drive and storing it in a fireproof safe or away from your house — perhaps at a good friend or relative’s house.
Invest $35 in a thumb drive
I can’t overemphasize the importance of having a backup. You can replace objects and software, but not precious memories or important documents stored on your machine. You can buy high-capacity thumb drives — likely big enough for all your data — for as little as $35. You’ll find some at tinyurl.com/bigthumbdrives.
If you are a victim The FBI “does not support paying a ransom” and points out that paying doesn’t necessarily mean you’ll get your data back, plus it “encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.” They recommend you contact your local FBI field office plus you might want to contact your local police department. It’s always important to report crimes, but it’s very unlikely that the police or FBI will be able to recover your data.
In a Forbes post, author Wayne Rash recommends that you “record the details of the ransom note that appears on the screen. You may need to take a photo with your phone.” It could help in recovery and may be useful to law enforcement.
There are products that claim to help you recover from ransomware, but they’re mostly aimed (and priced) for large organizations, and they may not work. As a consumer, your best protection is prevention and — I’ll say it again — backup of all your data to an off-premise cloud service and a drive, CDs or DVDs that aren’t connected to your PC.