
Ransomware

Read this if you are scared of being hacked.

What is ransomware?

Ransomware is a category of malicious computer programs which, without your knowledge or consent, are loaded and activated on your computer. At some time after it is installed and activated, the program will attack your files. 

The attack uses an encryption process to convert your files – documents, spreadsheets, QuickBooks data, etc. – from plain readable format to unreadable gibberish.

The attack is usually triggered by a preset time delay, or a preset number of times you reboot your computer. The time delay makes it difficult or impossible to tell how exactly the attack occurred.

The attacker then informs you of the ransom you must now pay to get your files back into readable form. Your files are not moved. They are still on your computer, in exactly the same state they would be in if you had purposefully encrypted them yourself for your own privacy; however, you are denied the means to decrypt them. Encryption processes, whether used for good or evil, use a “key” (this works just like a password) and advanced mathematical functions to scramble the content of the files in such a way that only the reverse process, decryption using the key, will rearrange the contents so they are again readable.

The attacker presents the deal to you: pay a certain amount by a certain time, and you will be given the key and instructions to decrypt your files.

After you have satisfied the demand (payment), you will be provided the encryption key and instructions to apply the key to your files. This process will undo the encryption and you should be back in business.

The previous paragraph describes the result if you are dealing with an honest attacker. Do I need to point out the irony here? Although no violence has occurred, you have just had a digital gun put to your digital files with threats of permanent destruction. You may or may not get your files back. There is no incentive for the criminal to do a good job in file recovery. Or you may get your files back, but what’s to keep the program at the bottom of this from re-launching at any time and starting this all over again?

How does it happen?

You may hear that mysterious hackers can use mysterious means to remotely insert mysterious programs into the mysterious depths of your computer.  Please put those thoughts aside, because they do you no good whatsoever.

It’s not impossible for SOMEONE to do this, if, for instance, one of the merry pranksters from Edward Snowden’s** old office has you as a target. But I am going to stick my neck out and say, “No, just not likely.”

What is far more likely, and most common, is that the victim is simply duped into loading the program by his own hand. To list all methods would be tedious, so let’s do it by category.

  • Stupid emails from people/places you never heard of, inviting you to click a link in order to… (could be anything)
  • Click-bait web page advertisements offering salacious content, miracle health cures, or access to the wealth and income YOU deserve, which is now available.

Some common traits to the above may include:

  • Really bad grammar and punctuation
  • Pictures and headlines that do not match or align with the material that follows
  • Extremely worn-out headlines like “use this secret trick”, “you wouldn’t believe…”, etc.

How to stay safe

First, do no harm

By far the most important thing is: don’t do something silly. Certain fields of activity use the term “situational awareness”. This applies not only to combat or other hostile environments but also to matters of personal security. If you’ve ever found yourself in a potentially dangerous neighborhood, you are wise to raise your attention level and note every detail around you, while you swiftly move to safe ground.

There’s an unlimited number of variations that can occur, but mostly: just don’t rush, and really look at the address you are about to click.

  • Do not ever, ever click a shortened link (e.g. bit.ly, etc.) unless you are positively positive and sure and certain you know who sent the link. Otherwise, don’t do it. Find another way if it’s something you legitimately want to connect with.
  • Look for misspellings which make the address look familiar but not correct. Examples: PaPyal instead of PayPal, BonkofAmerica.
  • Look for legitimate company names with extraneous words included. Examples: eBay-secure.com, authebay.net and ebayserver.net. None of these are associated with eBay.

If you thought you were being directed to a known or legitimate website and you see any oddities like the ones above, just don’t do it. Take a moment and find another way to contact the entity.
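The three checks in the list above can also be automated. The following is an added example, not part of the original article: a small Python link checker that flags shortened links, brand names embedded in a host the brand does not own, and near-miss spellings. The `SHORTENERS` and `BRANDS` lists, the function names and the sample shortened link are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed lists for illustration; maintain your own in practice.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}
BRANDS = {"paypal": "paypal.com", "ebay": "ebay.com",
          "bankofamerica": "bankofamerica.com"}


def edit_distance(a, b):
    """Edit distance where swapping two adjacent letters counts as one edit."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def check_link(url):
    """Return 'ok', 'shortened', 'brand-extra', 'misspelling' or 'unknown'."""
    if "://" not in url:
        url = "//" + url  # lets urlsplit parse a bare hostname
    host = urlsplit(url).hostname or ""  # hostname is already lowercased
    if host.startswith("www."):
        host = host[4:]
    if host in SHORTENERS:
        return "shortened"
    if any(host == real or host.endswith("." + real) for real in BRANDS.values()):
        return "ok"
    # Brand name embedded in a host the brand does not own.
    if any(brand in host for brand in BRANDS):
        return "brand-extra"
    # A label one edit away from a brand name (typo or swapped letters).
    for label in host.split("."):
        if any(edit_distance(label, brand) == 1 for brand in BRANDS):
            return "misspelling"
    return "unknown"  # no rule matched; this is not a verdict of safety


if __name__ == "__main__":
    for link in ["https://bit.ly/x1", "PaPyal.com", "BonkofAmerica.com",
                 "eBay-secure.com", "authebay.net", "https://www.ebay.com/"]:
        print(f"{link:24} {check_link(link)}")
```

A result of `unknown` only means none of these three rules fired; it says nothing about whether the site is trustworthy.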

Backup and Backup Often

Next, keep current and frequent backups of your computer files.  The key points to be addressed: backed up files are stored off premises, prior versions of files are maintained, and files are scanned for malware during backup. You really should use more than one method or service for backups so you don’t have a single point of failure.

The subject of backing up will be treated fully in a future article.

Protection from the Big Guys

Make sure that your Windows version is always up to date. Windows will track this for you. Reason: the engineers at Microsoft are constantly testing and handling vulnerabilities found as hackers continue to research and test ways to breach systems. Use all the muscle you can find. The same applies to Apple products as well.

Proactive Protection

Finally, make sure you have a sound, legitimate anti-malware and anti-ransomware solution. There are many of these available, many for a fee. There are some to avoid, as they are very “heavy-footed” (they slow your computer down) and themselves attempt to load additional programs you don’t need. If you have nothing else, go with the already built-in Windows Defender, which has protection specifically aimed at ransomware. There are somewhat derogatory technical opinions about Defender. Some of these may have some truth; others, however, are simply promoting another (paid-for) solution.

As I said, if you have nothing else, make sure Windows Defender is running and follow recommendations for ransomware protection.

Conclusion

There is a difference between being wary and being scared. You don’t need to be scared but make sure you know when you need to be careful.

When I was very young it was not uncommon to see a row of baby strollers (with babies) parked outside local stores while the mothers were inside shopping. This simply isn’t done any more. The mothers at the time were not at all negligent, but over time they have adapted to changes in the environment.

All that is needed is a little caution and prevention.  I hope this helps.

**Edward Snowden – formerly worked as a computer intelligence consultant for US government agencies. He alleges that these groups were illegally spying on US citizens using advanced electronic eavesdropping. He currently lives in exile to avoid arrest and prosecution by US authorities for disclosing classified methods and practices.


Mark Thomas is a CRM and Data Solutions Master. If you have any topic you would like to see addressed, feel free to make a suggestion.