Let’s set the scene:
All your icons are missing.
Years of photos, gone.
Your computer is like a digital wasteland with nothing on it – except for a digital ransom note
“Warning: All your files are encrypted! Decrypting all your files is only possible with a key and decrypt program which is on our secret server. Decryption will of your files will cost you $300 dollars worth of Bitcoin.”
That’s a fairly confronting message for someone who hasn’t come across ransomware before. And what’s a Bitcoin and where can I buy one?
What are your options?
- Not pay the hackers demands and lose your files
- Pay the hackers and pray that they’ll actually unlock your files
All the while thinking “what if they just encrypt me again?”
The easy way out: restore everything from backup. Because you’ve got great backups… right?
Back the truck up just a second…
What is a Ransomware Attack?
Put simply, Ransomware is bad software that locks your files (using encryption) so you can’t access them without a special digital key. Only the attacker has the key which they only give you after you pay A ransom.
Ransomware is a little different to other types of viruses as it spreads itself openly. It wants you to see your files disappearing to instil fear for your data. You see a nasty message, panic and hand over the Bitcoin.
But I use Google Drive/Dropbox etc. – my files are backed up!
No, they’re not actually unless you’re on a business plan (and even then they’re backed up “kind of”). If you have infected files on your computer they will be synchronised to your online cloud storage platform.
Unless you use a third party backup service, you’re really not any better off.
How do you get infected?
Normally it’s an email that tricks someone into clicking on a link or downloading a file. It could be “your account has been disabled” or “you need to pay this invoice now” or anything in between. Don’t beat yourself up too much either. Highly intelligent people are falling for scams all the time.
And as soon as you’ve downloaded the file, your files will start disappearing – your background might turn red and the ransom note will appear.
What is Bitcoin and why do hackers use it?
Bitcoin is a digital global currency that is anonymous and untraceable.
MY COMPUTER IS INFECTED. WHAT ARE MY OPTIONS?
If you’ve got yourself some ransomware it’s not panic stations immediately.
Just restore your data from backup. Job done.
Don’t have a backup? Then read on…
Occasionally the infection is a bluff! Try closing the ransom note and restart your device.
Not all hope is lost. There are instances where the infection is merely a bluff from the hacker, trying to profit with little effort. Try closing the window or restarting your device. If the infection persists, there are a number of things you can try before deciding if you’re going to pay or not. There are tons of walkthroughs like this one: https://www.tomsguide.com/us/ransomware-what-to-do-next,news-25107.html
But if that doesn’t work then you’re down to two options:
- Walk away from your data
- Pay the ransom
Some people simply don’t pay because they don’t have to enter a transaction with a criminal.
“The moral and ethical challenge is the ‘we don’t negotiate with terrorists’ line we’ve all seen in movies,” said Trevor Long, a technology commentator for EFTM.com.au. “We feel that’s the right approach, but we are also presented with losing valuable personal memories like photos and videos – or, in the case of businesses, important documents or financial data.”
If you can’t afford to lose your data that’s ok – 70% of victims pay the attackers because they have no alternative.
Fun (?) fact
The earliest known ransomware event occurred way back in 1989, when an attacker posted 20,000 floppy disks to health researchers around the globe. Once infected, victims had to send their payment to a PO box in Panama. You can read more about that here https://www.pri.org/stories/2017-05-17/strange-history-ransomware
Protecting yourself from Ransomware
The war against ransomware is all about protecting your devices from being infected in the first place. Rock IT recommends a few tips to help prevent Ransomware attacks.
- Regular Backups – Using a cloud-based service that’s separate to your online storage or an external device, backup all of your important data at regular intervals. It’s important that this device is not plugged into your machine at all times as anything connected to a device IS also vulnerable in the event of an attack.
- Update Software – Many times software updates include security improvements. When you run outdated software you could be giving a hacker a way into your machine.
- Run security and antivirus software – The best way to combat Ransomware is to block it before it happens. Security and antivirus software will help keep the unwanted software out of your devices.
Or if you don’t have the time, inclination or just can’t be stuffed learning any of this stuff – call a professional who can do it for you!