What protection can I use against these ransomware attacks?
This question was answered on March 10, 2015. Much of the information contained herein may have changed since posting.
Ransomware, which was once a pretty easy thing to defeat and recover from, has become a sophisticated extortion tool for cyber thieves around the world.
Earlier versions of the threat would make changes to your operating system so you couldn’t do much of anything until you got rid of the malicious code.
Getting rid of the infection would put everything back in order because they weren’t going after your personal data files.
Today's version of ransomware is referred to as ‘crypto-ransomware’ because it encrypts just about every type of data file you care about and removing the virus won’t restore those files.
Encryption essentially scrambles all the data and the only way to de-scramble everything is with the encryption key that was initially used in the attack.
There is no reasonable process for decrypting your data files without the key, so you’re forced to either pay the ransom to get the key or lose all the files that are being held hostage, unless you have an uninfected backup of your critical data.
There are countless stories all over the Internet of people that were forced to pay the ransom, because they didn’t have a protected backup that the thieves couldn’t get to.
Unfortunately, even if you have an external backup drive attached to your computer, the crypto-ransomware will attack it and encrypt the backup files on it as well.
The most recent method of infection comes in the form of an e-mail that appears to be an electronic fax from someone you work with.
The current ransom starts at $500 and goes up if you don’t pay within a specific period of time and the ransom generally has to be paid using Bitcoin.
The thieves are very good at making sure you get your data back if you pay and even include ‘customer service’ websites to assist. They know that if the word got out that paying didn’t result in the recovery of the data, no one would ever pay.
For many reasons, including protecting yourself from ransomware, it’s imperative these days to adhere to the 3-2-1 rule: 3 copies of your data on 2 different devices with 1 off-site copy.
Besides providing protection against the growing crypto-ransomware attacks, this approach will also protect you against threats like fire, flood, theft, sabotage, user errors and lots of other malicious attacks.
The easiest way to accomplish this for the average user is to use both an external backup drive and an online backup service that stores multiple versions of your critical data.
If this is all too confusing for you to setup, get some help.
It’s way too important to ignore and could be extremely costly if you or anyone in your family or business falls for their very clever tricks.
Ransomware has become such a lucrative scam that they'll continue to find ways to bypass security programs by focusing on the weakest security link: humans.
About the author
Posted by Ken Colburn of Data Doctors on March 10, 2015