By Chris David
Deciding to buckle down and get some work done, you turn on your computer. You navigate to your work folders… But all your important files are gone. In their place, you see unintelligible gibberish and a new text document telling you that all your files have been replaced. But you can pay a fee to get them back. You panic. You search your hard drive for your photos, documents and spreadsheets. But everything is gone. You’ve just been a victim of ransomware.
From a technical and moneymaking perspective, the idea of ransomware was genius. Or let’s say… diabolical. Invent a program that, once installed on a target computer, encrypts and hides all of a user’s files, then charge the user to get their own files back.
And the money started rolling in.
Small businesses, corporations, governments, hospitals and individuals have all fallen victim to ransomware attacks. The median amount demanded per ransom has soared past $10,000. So far, the highest amount paid by a local government to recover files was $600,000 (2019 – Lake City, Florida).
Even if you decide to pay the ransom (which we recommend you don’t), you have no guarantee that you’ll be able to successfully decrypt the files. So make life easier for you and your business. Follow a few easy tips and decrease your chances of falling victim to a ransomware attack.
Watch your incoming emails
Most malware and ransomware attacks find their way to target computers via email (specifically via phishing scams). So learn to view all incoming emails with a suspicious eye. Always review the sender’s email address and contact information.
If the message looks fishy, then dump it.
You especially want to review any email with an included attachment. With a growing number of vulnerabilities in operating systems, almost any attachment could be a vector for attack. So before you download and open any attached file, make sure you know what it is and who it came from.
Also check for links in email messages. Anything asking you to “click here”, don’t do it! First review the URL destination by putting your mouse cursor over the link. Give the destination a long, hard look, since many scammers will register sites with names that resemble legitimate sites.
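The same "hover and look" check can be automated for HTML messages. This Python code is an added example, not part of the original article: it compares each link's visible text with its real destination and flags destinations that resemble or embed a trusted name. The trusted list, the sample message and every domain name in it are constructed assumptions.

```python
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"northwindbank.example", "acme-payroll.example"}  # assumption: sites you really use

def host_of(url):  # hostname of a URL or bare domain; "" if it does not parse
    try:
        return (urlsplit(url if "://" in url else "//" + url).hostname or "").lower()
    except ValueError:
        return ""

def site(host):  # last two labels; a real tool would use the Public Suffix List
    return ".".join(host.split(".")[-2:])

class LinkExtractor(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self._text.append(data)  # reset at each <a>, so only link text is kept
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def review_links(html_body):
    """Yield (href, reason) for links whose real destination needs a second look."""
    parser = LinkExtractor()
    parser.feed(html_body)
    for href, text in parser.links:
        dest, shown = site(host_of(href)), site(host_of(text))
        if not dest or dest in TRUSTED:
            continue
        if "." in shown and " " not in shown and shown != dest:
            yield href, "text shows %s, link goes to %s" % (shown, dest)
        elif any(t in href.lower() for t in TRUSTED):
            yield href, "trusted name embedded in a link to " + dest
        elif any(SequenceMatcher(None, dest, t).ratio() >= 0.9 for t in TRUSTED):
            yield href, dest + " resembles a trusted domain"

# Constructed message body, not a real email.
SAMPLE = """<a href="https://northwlndbank.example/login">Click here</a>
<a href="http://files.badhost.test/inv.html">www.northwindbank.example</a>
<a href="https://northwindbank.example.verify-login.test/">Verify account</a>
<a href="https://www.northwindbank.example/help">Help centre</a>"""
```

Calling `list(review_links(SAMPLE))` reports the first three links and leaves the genuine one alone.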
Prevent malware executables from running
Everyone should run some sort of anti-malware or anti-virus software. A good security program will detect malicious files (though maybe not all of them) and stop them in their tracks. The good news is that Windows 10 comes with an anti-malware program already running in the background.
If you want something additional or more robust, we recommend Malwarebytes.
Another important step is to disable macros in programs like Word and Excel. Macros can run in the background of a document or spreadsheet and download ransomware programs without you noticing.
Restrict access via permissions
Any program that runs in the context of your user account has access to everything that you do. A ransomware program can find and encrypt any file you have access to. So make sure you limit your normal day-to-day user account to the necessary resources only.
One simple way to do this is to remove administrator rights from your day-to-day account. Create another user for admin functions, like when you need to install programs or change your computer configuration, and use a limited account for your daily work.
If you’re running a small business network, make sure that drive permissions are assigned so that only people that need certain files have access to them.
Run regular backups
At the very least, you should have a once-weekly backup of all your files. For small businesses or individuals that work on many projects during the week, perform a nightly backup. If disaster strikes, you won’t have to worry about lost files or paying a ransom. Just wipe your computer and restore the backup.
From on-site backups, to external hard drives and cloud storage, you can choose from many backup programs and solutions. Factor the cost and the complexity and choose something that works for you. We recommend you have copies of your most important files in at least two locations, in addition to your day-to-day computer.
Compartmentalize your backups
Your backups should be completely disconnected from the user account that owns the files. In other words, your daily user account should not have access to the backups. Otherwise, if ransomware starts running, you’ll lose your backups too.
Keep your backups under another user account, and keep at least one copy completely offline. Think about keeping a copy of your most important files on an external hard drive, disconnected from your computer, and only connect it when you run a periodic backup. Cloud backups can also be a good solution to compartmentalize your backup files.
Train your users
These tips won’t mean a thing if you don’t share them. Make sure your users, family members and anyone else on your computers know the basics of secure computing and how to avoid a ransomware infection.
Don’t pay the ransom
According to Malwarebytes, nearly 40 percent of victims paid the ransom. But consider this: even if you pay the ransom, you’re dealing with scammers. There’s no guarantee you’ll get the keys to decrypt your files. Or even if you get the keys, the decryption program might not work.
There are no warranties after all.
The best way to discourage ransomware is to not engage the scammers. Any payment will only further incentivize the scammers and fund them to continue their attacks in the future.
Ransomware costs businesses more than $75 billion every year. And a typical ransom demand will be at least $5000. Are you prepared to pay the ransom to get your files back? Or are you prepared to recognize ransomware scams and stop them before you get infected?
Protect your computer and your company, and follow these tips from ComputerKick!