Recent articles and news broadcasts about “ransomware” are talking about a real, new and nasty threat.
There have been other ransomware schemes and scams before, but these are different. They’re called “crypto-ware” and if you’re infected it’ll cost you serious money. Words like “CryptoLocker” and “CryptoWall” and “CoinLocker” accompany these threats.
Follow me down...
(The author is a computer consultant with clients in financial, medical, and other professions, and SOHO users.)
The scheme is this: the crypto-ware software infects your computer, seeks out your data files – documents, spreadsheets, photos, music, databases, email, and it encrypts them so that only the crypto-ware organization can read them. Then you get a ransom note onscreen: “Your files are encrypted. To get the key to decrypt the files, you have to pay $500.” Or more. Delay, and the price goes up, and there’s a clock on your computer counting down until they will destroy the decryption key, and your data's gone forever.
How to protect your stuff or your company’s data?
There’s no absolute protection, but here, broadly, is what you need to do:
1. Back up your data each and every day to an external hard drive. When done, disconnect that drive from your computer.
a. Preferably use two external drives and alternate between them. (If the drive is attached when the crypto-ware infects the PC, it will encrypt the external drive, too.)
2. Redouble your normal anti-malware security vigilance:
a. Ensure your Windows password is strong (8 or more characters with a mix of upper and lower case letters, numbers, and symbols)
b. Ensure your antivirus or internet security program and definitions are up to date.
c. On websites, be certain that you do not accidentally click on any ad or other link that you do not intend to. (Clicking on any link gives your implicit permission to Windows for whatever happens because you clicked.)
d. Keep your Adobe Reader, Adobe Flash Player and Java (if you use Java) up to date.
i. Update notices for these will only appear with the Adobe or Java logos, and only within a few minutes of starting or logging on to your Windows computer.
ii. (If you get a notice to update while on a website, DON’T! )
iii. (If you do get such notice, AND you’re sure you need an update, go to Adobe.com or Java.com directly for it; do NOT click that notice. There are many fakes, and they can look authentic because anyone can copy the corporate logo and graphics and use them to fool you.)
A couple of news story links, if you have time to at least scan them:
How My Mom Got Hacked (N Y Times)
(http://www.nytimes.com/... )
Ransomware (Microsoft.com)
(http://www.microsoft.com/...)
With new malware, you have to pay to get your files back (CNBC)
http://www.cnbc.com/...
Let’s be safe out there. The Internet is no place for a nice computer like yours!