Ransomware has been around since 1989, but it’s getting worse and spreading faster. Learn how to protect your data.
What is Ransomware?
Ransomware is a type of malicious software that sneaks into a computer, locks the owner out of the system or encrypts the files, and then demands payment to reverse the process. If you pay, you may or may not regain access to your system or your files. You may already know about one type of ransomware. A fake FBI or fake RCMP or fake Interpol warning page opens when you start up your computer. You are accused of violating a scary law. Some form of online payment is demanded. You can’t dismiss the page and you can’t get into the computer. This lock screen ransomware can usually be defeated, although it takes some doing.
Another type of ransomware encrypts your data and demands payment for the key to decrypt them. Sometimes you’ll see a screen similar to the lock screen ransomware, but usually you just find text files on the Desktop and in the directories with the encrypted files. The text files inform you your files are encrypted and provide information on how to pay.
It was, for a time, impossible to recover from this, but one website, NoMoreRansom.org provides a way to upload two of your encrypted files for analysis. If they are encrypted by ransomware for which there is a solution, NoMoreRansom.org will provide you with a link to download the solution. There is no charge for this; these are the good guys. It’s still impossible to decrypt most files, but it’s worth a try. The site is also a good resource to learn more about ransomware and how to prevent your computer from being infected.
How can I protect my computer?
Ransomware often infects a computer through an email link that takes you to a website which then infects the computer. Sometimes an email attachment will infect your computer as soon as you open it. Then, the encryption ransomware works quietly in the background encrypting your files. You don’t even know it’s there until suddenly you can’t open any of your files and you find those ransom notes.
The most basic thing you can do to protect yourself is not to click on any links in any emails. Don’t open email attachments unless you are 100% sure it’s not a trick.
Next, have a current backup of your files. I say again: Have a current backup of your files. In fact, if your files are critical to either your business or your well-being, have more than one current backup of your files.
It is very much better to protect a computer than it is to clean up a computer and try to decrypt files. Use a reputable antivirus program, supplement it with a robust antimalware program, and keep them both up to date. Not all antivirus programs are capable of finding and killing ransomware, but many now include modules that look for ransomware-like behaviour and prevent you from doing something silly. Antimalware programs often provide that as well.
If you don’t want to protect yourself that way, you can use a standalone ransomware protection program like CryptoPrevent from FoolishIT, Malwarebytes Anti-Exploit, or Bitdefender Crypto-Ransomware Vaccine. A more extensive list is here.
Finally, ransomware exploits security vulnerabilities in other programs on computers. It is critical to keep your computer’s software up to date or to uninstall it if you’re not going to use it. Especially keep Windows, Java, every browser you have, Adobe FlashPlayer and your antivirus and antimalware programs current.
I am currently using the built-in anti-ransomware protection in Bitdefender Total Protection. It protects the heck out of things, but can be a little fiddly to set up properly. I use the paid version of CryptoPrevent on another machine and like how its installation is more “Set it and forget it.” What anti-ransomware protection are you using, and what do you like or dislike about it? Email me and I’ll share in a future column.
- 2016: The Year of Ransomware https://blog.cisecurity.org/2016-the-year-of-ransomware/
- NoMoreRansomware.org https://www.nomoreransom.org/
- CryptoPrevent https://www.foolishit.com/cryptoprevent-malware-prevention/
- Malwarebytes Anti-Exploit https://buy.malwarebytes.com/bundle/ca/?ht=malware&c=g-bx01-ca&s=058e.g21&k=malwarebytes%20antiransomware&t=kwd-152326281407&pos=1t2&url=https://buy.malwarebytes.com&gclid=CjwKEAjw34i_BRDH9fbylbDJw1gSJAAvIFqUcxv-tp_XfQQL3WklfmnMIqA67gHXm6L6DiKVMT_YuhoCwDnw_wcB
- Bitdefender Crypto-Ransomware Vaccine https://labs.bitdefender.com/2016/03/combination-crypto-ransomware-vaccine-released/
- Windows Club list of free anti-ransomware tools http://www.thewindowsclub.com/free-anti-ransomware-tools
- Computer Care Kelowna http://computercarekelowna.com/
- Getting Along With Your Computer Column Archives on Castanet http://www.castanet.net/news/Getting-Along-With-Your-Computer/
- Get Cate’s column by email http://www.feedblitz.com/f/f.fbz?Sub=20618
- RSS Feed: http://computercarekelowna.com/feed
Do you need help with your computer? I’m here to help you and your home or business computer get along!
Cate Eales runs Computer Care Kelowna a mobile service helping home users and businesses get along with their computers. To arrange an appointment phone her at 250-764-7043. Cate also welcomes your comments and suggestions. Send email to firstname.lastname@example.org.
This column appeared on Castanet.net September 26, 2016