Tips To Prevent a Ransomware Worst Case Scenario

Fans of the CBS show “The Good Wife” will remember the episode where the law firm’s computers were taken over and locked up by ransomware. Unless they agreed to make a payment to a certain bank account, the firm’s computers would remain locked.

Unfortunately, this scenario is becoming far too common today. Mark Stefanick, who runs a small benefits firm in Houston, had it happen to him. When he related the story recently to the Wall Street Journal, he said that the hijackers demanded $400 to be paid within 72 hours.

“They set the ransom so low that, as violated as I feel and as much as I wanted to fight, at the end of the day I realized I can pay and get back to work,” Stefanick explained.

Attacks up significantly

By one estimate, in the fourth quarter of 2014, ransomware attacks were up 155 percent from the previous quarter. While the law firm in the CBS Sunday night drama was held up for big bucks, the demands made of small businesses aren’t so huge; owners like Stefanick are inclined to pay up and move on with their lives.

It seems like any computer system is vulnerable. Various law enforcement computers in Maine were taken over by ransomware recently, according to a report from WCSH in Portland. Lincoln County Sheriff Todd Brackett said they made a Bitcoin payment to free their systems. The FBI traced the payment to a Swiss bank account, but that’s where the trail stopped.

Many variations

One version of ransomware is called CoinVault and it targets Windows machines. CoinVault encrypts all the files on the system so they are useless to users until they pay the ransom. A clock ticks away on the computer screen, raising the ransom price all the time. If you – or anyone you know – gets hit with this one, Kaspersky Lab has posted the decryptor so you can solve your problem without paying the ransom.

Unfortunately, that’s just one of many that are out there today. Other major threats include Cryptoware and Cryptowall. Instances of smartphone ransomware are also being reported. One scam puts child pornography on the phone and then threatens to alert the police unless money is paid.

Creative crooks

Typically, the advice for protecting against malware like this is “not to download any suspicious looking attachments.” The problem is that the bad guys are becoming very adept at making attachments look innocent and legitimate.

A colleague recently received an email from this address: no-reply@usps.com. The email said the Post Office had a package to deliver but the address label was damaged. Make address corrections to the attached Word file, the email instructed.

My friend was expecting a USPS-delivered package that day, so when this email arrived it wasn’t “out of the blue.” Further, he checked other elements of the email and they didn’t seem outrageously counterfeit. Fortunately, he went back to his original tracking information and that’s when he realized that the email was completely malicious and the attachment wasn’t really a Word document.

Another variation

Not all of the ransom scenarios start with an email or a link to a website. Some victims have received phone calls from individuals identifying themselves as Microsoft technicians. The “technician” then takes control of the victim’s computer, deleting or locking files.

The tragic truth today is that the best of the bad guys are staying a few steps ahead of our ability to protect ourselves. Training, including constant reminders about downloading attachments and following links, and good virus protection are both mandatory. Storing files in a backup system that is not attached to your network may also prevent problems.

Sponsored by AT&T