Not a day goes by we don’t hear about yet another “ransomware” attack, it seems – including recent high-profile attacks on a major U.S. oil pipeline and the world’s largest meat processing company.
Even President Joe Biden has pressured Russian President Vladimir Putin to crack down on Russian ransomware attacks to “avoid unnecessary action.”
As the name suggests, ransomware is an attack that locks your computer and demands a ransom to give back your data.
Cybercriminals typically target businesses and governments — in the hopes they’ll pay significant bounties to release files and perhaps avoid a public relations disaster — but opportunistic crooks also extort money from regular computer users, like you and me. Because hey, it all adds up.
You might sit down to use your laptop or desktop and see an on-screen alert that states your computer has been locked, or that your files have been “encrypted.” To obtain a decryption key, you must pay up. The ransom demanded from individuals varies greatly, but is typically a few hundred dollars, and must be paid in difficult-to-trace cryptocurrency, such as Bitcoin.
(For businesses, including healthcare facilities and universities, criminals typically extort $100,000 or more — or else the obtained files will be deleted, sold, or published online to humiliate the organization.)
Ransomware is most often a computer program on the other end of the extortion, rather than a live human waiting for you to pay.
So, what to do?
According to cybersecurity experts, the rule of thumb is not to give in.
Who’s responsible for COVID-19 misinfo?: Lawmakers introduce bill to hold Facebook, Twitter accountable
Summer Games: How to see the Tokyo Olympics in 4K video
“Even if you pay for a ‘decrypter’ there’s no guarantee you’ll get your files back,” cautions Darren Shou, Chief Technology Officer at NortonLifeLock, a leading cyber safety company. “In fact, paying encourages more criminal activity.”
Shou says these criminals are hoping for an “emotional response,” and thus act quickly to put your hand in your pocket. “It’s a scary moment when you realize someone put a lock on your stuff…you’ll often see text is in red, and maybe blinking — it’s scary.”
Ransomware is on the rise, confirms Shou, for both consumers and enterprise companies. NortonLifeLock has seen a 35 percent increase in the last quarter alone, and with 537,137 ransomware detections out of a total of 919 million total cyber threats blocked by Norton over the past 100 days, Shou says. “Ransomware is big business.”
If you’re attacked, experts suggest to disconnect the computer from the network, such as turning off Wi-Fi, and on another device, do an online search to determine the kind of ransomware you were hit with. Look for some information on your hijacked computer screen, and perhaps take a photo, too, as a back-up. Sites like No More Ransom maybe able to help by matching your ransomware with a free tool to remove it. While it may take some trial and error, there are some no-cost decrypters to use (from trusted sources) and run anti-malware software, too.
Or you can bring a locked computer to a trusted technician to attempt to decrypt the files. Best Buy’s Geek Squad offers such as service, for example.
Shou confirms to get as much information as possible “and report the crime, as it helps law enforcement and investigators try to find the perpetrators and prevent future attacks.” Shou says to report the crime if you already paid, as well.
Adding insult to injury, there are also cases of “double extortion,” where the criminals have already exfiltrated your data and kept a copy before you paid the first time, and then may attack you again by threatening to release private and potentially embarrassing emails, texts, or images.
The best offense, of course, is a strong defense.
Smart software and common sense can help minimize the odds of a ransomware attack.
Proactively install anti-malware cybersecurity software on all your devices and don’t let it expire at the end of the year. NortonLifeLock, for example, has various options, starting at $39.99/year.
Delete suspicious emails and text messages from your bank, Internet Services Provider (ISP), credit card company, and so on, instead of clicking on the link that takes you to a phony site asking you for personal information. These phishing scams attempt to “lure” you to an authentic-looking site. Know that organizations like your bank or the IRS will never reach out to you via email and ask you to urgently confirm your personal or financial details. On a related note, never click on email attachments you’re not expecting.
Only download apps (programs) from trusted sources, such as the Microsoft Store (for Windows 10), the Mac App Store (for Mac users), App Store (iPhone, iPad) or Google Play for Android devices and Chromebooks.
Keep apps and operating systems fully updated, where possible set to auto-update, so you don’t have to remember to do it. “Just as we need to do regular maintenance on our cars and homes, we also have to do device maintenance, such as keeping software up to date,” suggests Shou.
On a related note, make sure the devices you have on your network, like a wireless printer or router, are also updated with the latest software ( “firmware”).
Finally, regular back-ups are of critical importance, whether it’s an offline solution (like an inexpensive external hard drive, solid state drive, or even a thumb drive) or an online cloud services (iCloud, Google Drive, Dropbox, and so on), or both. Back-ups protect your files in the event of a ransomware attack (or other kinds of malware), as well as theft, fire or flood, or a power surge that fries your hard drive.
Follow Marc on Twitter for his “Tech Tip of the Day” posts: @marc_saltzman. Email him or subscribe to his Tech It Out podcast at https://marcsaltzman.com/podcasts.