The Atlanta Journal-Constitution
What to do when your computer is hijacked
So there you are clicking along happily at your computer when – out of the blue – a message appears on your machine. It tells you that all your data have been encrypted and are no longer available to you. In an instant your computer has become an expensive paperweight.
As you continue to read the message on your screen you learn that cybercrooks are holding your computer for ransom. The message tells you that, if you want to see the information again you must pay them. It could be hundreds of dollars; it could be thousands of dollars. But, you are told, pay up or forever lose your data.
Just to add insult to injury you are told that the price you must pay to get your information back goes up each day. Pay today for this price, or pay tomorrow for more. Once you pay you will get what amounts to a password that, once entered, will remove the encryption and let you use your data again.
At first you are hopeful. You are sure that there’s some anti-malware program out there that will remove the encryption. There’s no way you are going to pay a bunch of crooks. As you read about the stuff online you learn – if you have the cream of the crop version of this malware, the stuff that really works – there is nothing that can be done. The message is correct. You pay up or forfeit your data forever. There is no program that can fix things if you have the most powerful type of ransomware. (There are some malware programs that deliver the message that everything is encrypted but, when you restart the computer all is fine. You are lucky if that’s what hits you).
Ransomware has been in the news a lot lately. It’s actually been around for a while and I even wrote a column or two about it. But the latest epidemic of it attracted a lot of news coverage since it hit some big government and private institutions including hospitals. Some of those hospitals were so crippled that they had to postpone surgeries and other treatments.
So it’s a big deal and worth talking about again, especially since it truly is a problem that can’t be fixed even by the smartest computer experts.
There are three main things to talk about.
How does it get on a computer?
It often arrives as what is called a stealth download. That’s a really scary sort of delivery method. You arrive at a website that has the ransomware lurking around and it downloads to your computer automatically. You don’t see a thing when it happens and it doesn’t require any clicking or bad security practices on your part. It can also arrive via email attachments or by clicking on an online ad. But it’s especially troublesome that even legitimate websites can become infected and then deliver it to your computer.
How do I avoid that happening?
Microsoft has created patches for most modern versions of Windows. They should arrive automatically. So make sure you install all patches. Many anti-malware programs have beefed up their protection capabilities for ransomware. For instance both Symantec (Norton) and Malwarebytes have done a good job. This may be the time to switch from free anti-malware software to commercial software since it offers the best protection.
How do I recover without paying?
Let’s say that ransomware slipped through your security and it’s crippled your computer – there is still a way to recover without paying the price. Make sure you back-up your data regularly. That way you can erase the hard disk and start all over by restoring backed up data. It’s a hassle but better than paying a bunch of crooks. But make sure that you keep several back-ups. Your latest may have been made after the infection. So save backups that go back a week or so.
Look this is too important and too dangerous to let what I’ve just said be all you know about ransomware. Let me recommend this website for more information:
https://heimdalsecurity. com/blog/what-is-ransomware-protection/#ransom waredistribution
Finally, please pay attention to this problem. It’s a severe one. So do follow my tips and the tips you see on the website I mentioned. This is a truly dangerous and sophisticated threat.