Words of Wisdom from Guru Bob - "Ransomware" - 26th Nov 2013

"Ransomware" is software that takes over your computer and demands a ransom to remove itself.

One particular piece of ransomware is rather nasty ... it's called CryptoLocker and it encrypts files that it can get its hands on - including files on any network drives. It then demands payment of $300 within 96 hours otherwise your files are forever locked and useless. You can still see the files but they're no good to you. The software claims that if you try to circumvent it then it will just drop the offer of letting you pay the ransom.

Most people are restoring from backup, but some have paid the ransom to an anonymous recipient and got their files back, until next time at least. There's no guarantee and probably no defence of "but I already paid the ransom!"

Anyway, this brings up a point which is that a lot of these things happen due to installing programs from untrusted origins, opening attachments in emails - even attachments that you may consider safe, such as PDF files. In actual fact, security holes in PDF files is a massive entry point for malware (malicious software) and viruses.

The thing to realise is that while you think you're in control of your computer, it's probably more likely to be the other way round. As clever as any of us think we are with computers we can all get tricked and the consequences can be terrible, ranging from a minor annoyance (e.g. advert/porn popups) to deletion of files or even disclosure of private and sensitive information to anyone.

There's some simple things you can do to reduce the risk - and remember you can never be 100% protected.

1. Always always make sure your virus scanner is up to date.

There's bunch of virus scanners on the market, some free, some not. No one virus scanner is going to be the best all the time so it's much of a muchness which one you pick really. Personally I advise that if you're running a Windows computer that you install Microsoft Security Essentials. It's free and it will keep up to date and actively scan files as they're accessed.

2. Don't just say yes! Don't just click open! Don't just download!

Do you really know what you're opening? If you didn't expect an email from someone with an attachment then don't open it. If you're not sure whether you should click Yes to a security warning then click NO or ask someone what to do. The only stupid question is one you don't ask. Think about how you'd feel if all your work files got deleted because you thought "ah what's the worst that could happen?" and then it did ...

Hackers often target popular free software and re-bundle it to include their own nasties. Sometimes virus scanners will pick up on these. Always make sure you get it from an official source. Here's a question - how do you know that the YouTube video downloader that you got doesn't send your private information to somewhere? It's a very real threat.

3. Don't be a cheapskate - cheapskates get hacked!

Computers and software are expensive - but you should seriously consider an IT budget if you don't have one - even if you're an individual set up an automatic payment of say $5 per week into a separate bank account (your bank should let you create accounts for free). If you're still running Windows XP you're going to stop getting updates from Microsoft in April next year.

Don't be afraid to spend some money on advice - consider how much it could cost you to recover from such an event because you were being cheap. Do you have backups? These cost money (e.g. for a new external drive, maybe some software to manage it etc). It's all money well spent.

Finally,

While I know a fair bit about IT stuff I'm not a pro when it comes to looking after desktop computers (I used to be but time marches on). I can't really help if you find yourself in a pickle, but I might know someone who can. If you do need professional help then make sure they know what they're talking about (ask them for a reference and call that person).

Probably the most useful thing you can do is to keep backups (not just on your computer) and make sure your backups actually work.

References:

« Back to News
site powered by - Turboweb :: Simple Web Manager