If the data on your computer is important to you, you must back it up – no exceptions! Backups, on the other hand, may not always save you from a disaster… Almost every month, another tale emerges of a company or organization having all of their data encrypted and then having to decide whether or not to pay a ransom to recover it…
Ransomware is a type of malware that encrypts your data and holds it hostage. It turns out that it can do things that backups won’t be able to protect you from. While backups might help prevent data loss during a ransomware assault, attackers’ most recent strategies are much more dangerous.
Ransomware, like viruses, is always developing. Crooks know that if you have solid backups, you are considerably less likely to pay a ransom to regain access to your data. Some ransomware goes so far as to make your data public unless you pay the ransom. This is demonstrated by the recent story concerning Waikato DHB. You can learn more about it by clicking here.
Encryption and ransomware
When ransomware infects your computer or network, your files are encrypted, and you receive a message offering to acquire a decryption key for a specified amount of money in crypto-currency. The normal sums range from a few hundred dollars to several million dollars!
If you pay (and you’re dealing with a “honest” crook), you should get a decryption key or a tool to help you decode your files. Your data will stay encrypted and inaccessible if you don’t.
Backups are essential in the fight against ransomware. If ransomware gains access to your backups, though, it will encrypt them as well. Portable hard drives that you have plugged in all the time are an example, as is saving files on the cloud using services like OneDrive, Google Drive, Dropbox, and iCloud.
It’s a little more difficult to defend against this type of ransomware. After you’ve completed your backups, unplug your hard drives and store them somewhere other than your computer. Even better, as the accounts of many who just fled from the West Coast demonstrate, keep them in a different house.
Ransomware is also less likely to infect online backups. Ransomware is considerably less likely to encrypt your online backups because only the backup program has access to them. I’ll say it again: most cloud sync products are not backups!
Previously, recovering from a ransomware attack was a relatively simple process. You may just restore your backups after cleaning your machine (we always recommend a clean install) and avoid paying the ransom.
A New Danger
The latest ransomware variants take a somewhat different approach. Hackers grab a copy of your data in addition to encrypting it. Even if you are able to remove the ransomware and restore your data from backups, they can threaten you with the data they have taken being made public. The ramifications might be disastrous if you have sensitive data, such as medical records or financial information.
It isn’t really a novel strategy. For years, hackers have been collecting critical information and publishing it online. It’s known as a data breach. When blackmail webcam scams were widespread a few years ago, we wrote about it, and you can read it here.
To add insult to injury, this attack is now being combined with data encryption. If you pay, the fraudsters “promise” not to reveal your information to the public and to remove it. Who knows, maybe they will.
The Old Defense is the New Defense.
After all, ransomware is nothing more than malicious software. What prevents viruses from causing harm will most likely help with ransomware as well. You can keep yourself safe by doing the following:
Maintaining the latest versions of your operating system and software. That means you won’t be able to use Windows 7 or 8. XP, please don’t!
Having a decent antivirus is essential. Free ones are frequently useless because their sole purpose is to gather information about you in order to upsell you to a premium solution.
Avoid dangerous online behavior such as downloading free software or movies, clicking on dubious links, and installing software that just “appeared” on your computer.
Avoid falling for phishing scams and never open unexpected email attachments, especially if they are from people you know.