Ransomware, as it’s been dubbed, is the latest form of cyberattack. The bad guys drop an infected application on your computer. This infected application then goes through all your files and encodes them so they aren’t accessible to you. Inaccessible, that is, unless you pay the cybercrook. If you do that, the bad guys (in theory) send you the master key to decode all your files.
Of course, this implies that the criminals will actually send you the key if you pay them. Also, that the key works to restore your files. And so on.
Many institutions, from the University of Vermont Health System to the City of Baltimore, have fallen victim to ransomware in the past few years. The cost to recover from such incursions is enormous, in time and money. It also means critical systems like patient records may be unavailable or, in the worst case, deleted.
You are much better off taking steps to prevent this kind of attack before it happens. While the criminals are always revising their methods to stay current, there are some things you can do to keep the risk at bay.
First and most important, you need to have at least one backup of your computer’s files. External hard disks are now about $60 for one terabyte, so cost should not be an issue. Make the first backup using the built-in software in Windows (Start > Settings > Update & Security) or the Mac (System Preferences > Time Machine). Keep that backup up-to-date by connecting the hard disk at least daily. Lastly, DON’T leave the backup drive connected all the time. If you do and then get infected with ransomware, your backup drive could be infected as well. Even better, have two backup drives and rotate them.
The most common way for your computer to get infected is a phishing email. Crafted to look like it comes from your bank, credit card company or employer, there is usually an attachment purporting to be an invoice or other document. If you click on it, the bogus web site then installs the malware on your computer, and executes it. You may notice a slowdown while it’s working but very often, the first indication you have a problem is the screen telling where to send the Bitcoin. Do not click on any attachment in an email unless you’re expecting it, even if it comes from someone you know. Their email address may be compromised and being used to try and infect you in turn.
You can also get ransomware by visiting an infected website. Even legitimate websites can have links on them that are really misdirected paths to malware. Before clicking on a link, hover the mouse cursor over the link. The resulting link you see (probably at the bottom of the browser window) should be recognizable as related to the web page you expect to go to. If it appears different, it may be malicious. And if you click on it, you will get ransomware executed on your computer. Paranoia here can save you a lot of heartache later.
If the worst happens, and you get ransomware, what should you do? With that backup you just made, you can restore to a time before the crisis hit. Didn’t keep a backup? You will need to reformat your hard disk and re-install the operating system, application software and documents.