Dealing with the emerging threat of ransomware

The internet has opened up a new world of opportunities and made data more easily accessible than ever before. However, the internet has a dark side as well where criminals are devising ingenious methods for stealing and profiting from your data. One of the most insidious forms of cyber crime is ransomware. As its name implies, this is a type of malicious software that blocks access to one’s data unless a ransom is paid. Although ransomware is often directed at businesses, small or large, home users should also remain vigilant. Fortunately, you can protect yourself from this growing threat.

How does ransomware work?

Ransomware is spread through the use of infected websites or through downloading unsolicited attachments coming from contacts that may or may not belong to the victim’s social circle. Infected documents coming from familiar contacts bear a higher chance of being opened, which makes it a common strategy used by scammers, especially when targeting individual users. Once they open the offending document or visit the malicious site, the criminals use malware to exploit vulnerabilities in their devices or network.

Once the scammers have access to one’s computer, they can take control of important files or completely prevent access to the device. This is when the “ransom” bit comes into play- the scammers will now send dire warnings for a fine or a ransom, which, unfortunately, doesn’t guarantee regaining control over the computer. These attacks can be expensive and damaging.

What steps can you take to protect yourself?

Large organizations with IT departments should already have established protocols.

For small business and individual users, follow these practices:

• Back up your data regularly

• On an external hard drive, or one of the other software tools that are available for free- e.g. AOMEI Backupper Standard or Easeus Todo Backup Free

• Back up to the cloud. You can automatically back up your data using an online service. Cloud storage sites include IDrive, CertainSafe, and Microsoft OneDrive

• Avoid opening suspicious email attachments or clicking unknown links.

• Update your operating system as soon as updates are available. Programs such as Adobe Flash, Adobe Acrobat, and Java are also particularly susceptible to attacks. Make sure to update these programs, as well as any others that you use regularly. Usually, the updates include developments around security, which means the risk of an attack will be smaller.

• Remove browser add-ons that you don’t use. Regularly update those add-ons that you do use.

• Install ransomware protection software. No tool can stop all attacks, but security companies are working hard to develop effective tools to mitigate the threat. Free programs, such as BitDefender Anti-Ransomware and RansomFree, detect attacks and stop the ransomware from accessing your files.

What to do if you’ve been affected?

If you think your computer has been infected by ransomware, immediately disconnect from the network, turning the Wi-Fi off as well. If you work for a large organization, alert your IT department and follow their instructions. If you are an individual or a small business, you should report the incident to law enforcement authorities in your country.

• The Federal Trade Commission in the USA (ftccomplaintassistant.gov)

• ActionFraud in the UK (actionfraud.police.uk)

• Canadian Anti-Fraud Centre (antifraudcentre-centreantifraude.ca)

• Australian Cybercrime Online Reporting Network (acorn.gov.au)

For countries not listed here, do an internet search for your country’s cybercrime authorities or contact local police for more information.

For more information about how to prevent possible attacks, visit the No More Ransom Project (nomoreransom.org) website. Law enforcement agencies, such as Europol, have teamed up with IT security companies like McAfee to help ransomware victims retrieve their data without paying the scammer.

The ransomware threat is a current issue in today’s world. Cyber criminals are exploiting weaknesses in technology and gaps in security for their personal benefit or interest.

There are users unwittingly allowing criminals access by visiting infected sites and opening bobby-trapped documents. Learning about the dangers and taking as many precautions as possible won’t offer 100% protection. But if you educate yourself about the dangers and take action, you immediately become a smaller target. Save yourself the stress of lost data and make life more difficult for the criminals.