That Ransomware Problem

Earlier this month a widely-reported ransomware outbreak scared the living daylights out of people all over the world. What happened, and how can you keep it from happening to you?

Protect Your Computer from Ransomware

 

What is Ransomware?

Ransomware is a form of malware, which is short for “malicious software.” Malware takes many forms, but for now let’s concentrate on ransomware.

Ransomware enters a computer system, encrypts the files, and demands payment to decrypt them. Without the decryption key, your files remain scrambled and therefore useless to you. Because the bad guys demand payment for the key, your files are being held for ransom, and that’s where the name comes from.

 

What happened?

Until recently, ransomware typically infected a computer when a user clicked on a malicious email link or attachment. A file would run in the background, resulting eventually in your files being encrypted. This wouldn’t even be apparent until a page popped up telling you about the encryption and saying how to pay.

On May 12, 2017, however, computers became infected not from email attachments, but because the bad guys were able to exploit a flaw in unpatched versions of Windows. People didn’t have to do anything to get clobbered. Vulnerable systems got hit, and once infected, they spread the infection to other vulnerable computers on their own networks. This ransomware is called Wannacry or WannaCrypt, or just wcrypt.

wannacrypt page

 

How can I protect my computers?

Apply your Windows Updates! Microsoft released a patch for supported operating systems to correct this vulnerability last March. Computers that are current on Windows Updates are protected from Wannacry. But not ALL ransomware. Keep your updates current.

Computers running unsupported versions of Windows (XP, Vista, 8.0) are … unsupported! That means they don’t get Windows Updates and this makes them vectors for this kind of attack. So widespread was this problem, that Microsoft issued patches for those unsupported operating systems May 12 and 13. If those systems were patched before they become infected, they’re fine. Patching after the fact doesn’t get those files back.

You can further protect your computers by making sure your antivirus program is up to date and configured to run daily scans. You can supplement your antivirus with antiransomware protection, which has become widely available in the last couple of years.

CryptoPrevent is an excellent choice, and is available here. You can choose the free or a paid version. Read the comparisons on that page.

Paid versions of Bitdefender antivirus contain antiransomware protection. I used this for a year and a half and found it worked well. But it was a challenge to set it up.

The most “set-it-and-forget-it” way to go is with Malwarebytes Premium Version 3. It’s a paid product (currently about CA$50 per year) that is an antivirus/antimalware/antiexploit/antiransomware program. Yes, that’s expensive. Ask yourself if protecting your information is worth $50/year.

Malwarebytes runs well on a decent computer (powerful processor, adequate RAM). It’s easy to set up. There’s lots of information (and a link to buy it…) here.

Be aware that Malwarebytes Premium Version 3 takes the place of antivirus software. If you’re running any other antivirus program, you need to uninstall that completely before you activate the paid (or even trial) version of Malwarebytes Premium 3. (If you stay with the free version, it’s just an antimalware tool. If you stay with the free protection, you shouldn’t ditch your current antivirus protection, BUT you won’t get the antiransomware component.)

Always have at least one backup of your important files. Never, ever click on a link in an email from someone you don’t know, and remain skeptical of links in email from people you do!

 

What if my computer is infected?

If it’s really infected with this ransomware, you’re probably out of luck unless you pay to recover your files. It’s worth checking here to see if there’s a solution for a ransomware problem you are having.

Also, be aware that there are fake ransomware programs that don’t encrypt your files, but say they do just to get you to pay. When in doubt, call in a professional.

 

Do you need help with your computer? I’m here to help you and your home or business computer get along!

Cate Eales runs Computer Care Kelowna, a mobile service helping home users and businesses get along with their computers. To arrange an appointment phone her at 250-764-7043. Cate also welcomes your comments and suggestions. Send email to help@computercarekelowna.com.

You can read previous columns here. If you’d like to subscribe to this column by email, please visit this link. It’s easy, free, and now ad-free. If you’d prefer the RSS Feed, click here.

 

Links

MS17-010 https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
KB4012598 http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598
CryptoPrevent https://www.foolishit.com/cryptoprevent-malware-prevention/
Bitdefender https://www.bitdefender.com/solutions/
Malwarebytes https://www.malwarebytes.com/
Malwarebytes Trial https://www.malwarebytes.com/trial/#trial
No More Ransom! https://www.nomoreransom.org/
Computer Care Kelowna http://computercarekelowna.com/
Getting Along With Your Computer Column Archives http://www.castanet.net/news/Getting-Along-With-Your-Computer/
Get Cate’s column by email http://eepurl.com/cqhaTL
RSS Feed: http://computercarekelowna.com/feed

© Cate Eales 2017 – All Rights Reserved

This column appeared on Castanet.net May 22, 2017

print