Unless you have been living under a rock for the last week or so, you probably heard about the massive global hacking attack that so far has hit 150 countries. This attack used a type of malicious software called “ransomware”. This attack hit governments and hospitals, but individuals were targeted as well. Most notably was the National Healthcare Service of Great Britain, which literally shutdown the NHS, causing them to turn patients away due to their systems being inaccessible.
What is Ransomware?
So, the question for the average user is, “What is ransomware?” In a nutshell, it is malicious software that locks all your files up from being opened. The only way you can unlock them is to enter what is called a “decryption key”. So, how do you get that decryption key? You guessed it, you pay a ransom to the hacker. That ransom may come in the form of doing a money transfer payment, such as a bank wire, or more often, you will pay them in Bitcoin, which is a type of electronic currency. Of course, there are zero guarantees that you will ever get that decryption key. Many times, the hacker never sends it. So now you have not only lost all your data, you’ve lost cash too. That cash ransom by the way, can be just a few hundred dollars, to thousands.
How Do I Get This?
A person can get ransomware several ways. One of those ways is by clicking on an email attachment that seems legitimate, like a Word document, or a JPEG (picture file). You can also get ransomware by clicking on a web link in an email that may refer to something like a UPS shipment notification. In either scenario, you click it, and that is where the fun, or non-fun, begins. You will usually have your entire screen display something like, “All your files have been encrypted.”, and it will demand you pay a ransom by a certain date, or your files will be gone forever.
How Do I Stop This From Happening?
There are ways to mitigate your risk at getting ransomware. First, make sure your operating system is up to date. If you have been postponing those Windows Updates, postpone them no longer. There is a reason why you have updates, and many times it is because Microsoft has discovered a vulnerability that hackers can use to attack you.
For you Mac users who are in smug mode thinking you are immune because you are on a Mac, guess what? You are not exempt. Earlier this year a strain of ransomware, specifically designed to attack the Mac OS, was discovered. So, the update manager that has been telling you to update, you should probably do that like right now.
The second thing you can do is make sure you have antivirus on your computer and that it is up to date. If you have been seeing that little message popup that your antivirus is expired and you need to renew, do it today. If it costs too much, then shop around. There are many free options out there that work just fine. Some of those antivirus options are Avast or AVG. Microsoft Windows has its own antivirus, Windows Defender, that is also free of charge and works quite well at stopping viruses, Trojans, and other things that could launch ransomware.
Finally, there are some companies that offer software specifically designed to prevent ransomware. CryptoPrevent, is a nice little app that runs in the background on your computer. Also, BitDefender has an app that runs on your machine to stop ransomware before it starts. Both are hardly noticeable, and do not slow your machine down. I strongly recommend using a combination of antivirus and some sort of anti-ransomware software together to provide a solid layer of protection.
I Got Hit. What Do I Do?
If you got hit with ransomware, first off my condolences. However, there may be hope for you to recover your information without having to pay that ransom. Many security research companies offer free tools for you to install on your machine that will target the ransomware infection, and not only remove it, but will decrypt your files. However, there is no guarantee on this, because not all ransomware has been cracked that is out there.
Another way to recover from this is to restore from a backup. Windows has a System Restore functionality that will allow you to revert your PC to a previous point in time. However, some ransomware, as part of its function, is to delete those backups. Therefore, this may or may not work. If you read my recent article on cloud backups and have implemented that strategy, then you have another option. Wipe your entire hard drive, reinstall Windows, and restore from the cloud. This last option may prove to be a faster way to recover, because you could literally spend hours trying to clean an infection like ransomware off your machine.
Do Not Delay
There are some individuals and businesses that may not want to take the time, or money, to invest in protecting against ransomware. If you are on the fence, consider what type of impact it would have if you lost everything due to a hacker attack? Would your business survive if all your customer files were being held for ransom? How about all those precious pictures of your kids growing up now suddenly gone because you don’t have $10K lying around to pay the ransom for your files? In conclusion, you cannot afford to delay upgrading your systems security features. If ransomware can shutdown portions of a government run healthcare system, imagine what it could do to you.