Ransomware: How to Stay Protected


You may have heard of a relatively new trend in computer malware. Known by the fitting term “ransomware,” it serves as a form of extortion, holding your computer and/or your data hostage until a fee is paid to the attackers, usually in the hundreds of dollars or more. Some types of ransomware are relatively easy to deal with—while the attackers claim that the only way to unlock your computer is to pay them, it can still be removed using safe mode or other recovery tools. But there’s also a more sinister variant of ransomware; once you’ve been hit with this malware, there really is no way to get your data back without paying up. Even having a backup might not save you, depending on how it’s set up.

Once your computer is infected with this type of malware, it will begin encrypting your files. At this point, if your antivirus software doesn’t detect it, you most likely won’t notice what’s happening. This more virulent form can also infect connected removable drives and even network shares. If you have a backup device connected, or if you have other files that can be modified over the network by the infected computer, those will be encrypted as well.

Once that’s done, the malware comes out of hiding, making itself quite visible. A message appears, sometimes purporting to come from a government agency such as the FBI, informing users of what has happened to their files, and preventing the computer from being used for any purpose other than to pay for the key needed to decrypt the files.

Because the key is stored on a remote server, if the malware encrypted all of your backups, you unfortunately have only two options, neither of which is very pleasant: you can either pay the fee to decrypt your files (which generally does work) or reformat the PC and lose your data forever. If you choose the former, however, it’s still wise to back up and reformat the PC, as there may be some backdoors left over by the malware—these are criminals we’re dealing with, after all.

As always, the wisest course is to prevent this problem from occurring in the first place. Be careful where you download software from, don’t visit questionable sites, and keep software like your browser, antivirus, and operating system up to date. It’s also a good idea to disconnect your backup device when there isn’t a backup or restore in progress. The best idea, however, is to use a cloud backup service, as this is generally considered safe from ransomware.