Ransomware: Are You at Risk?
Ransomware is the fastest-growing form of malware on the Internet. This diabolical cyber-scourge, which encrypts one’s hard drive and demands payment for the key, has exploded in recent months. One high-profile attack has cost the city of Baltimore over $18 million. Here's what you can do to prevent a ransomware attack, and quickly recover if it does happen... |
The “No More Ransomware” Project
The U.S. National Security Agency has issued an advisory warning Microsoft Windows users to update their computers to protect against a new security vulnerability called BlueKeep. The NSA is worried that it could spread rapidly, enabling a massive ransomware attack wave, similar to the WannaCry outbreak that wreaked havoc in 2017.
You are a potential ransomware victim whether you are a major corporation, a small business, or a home computer user. Ransomware doesn’t care whose computer it infects. Distributors of ransomware will tailor their demands to the victim’s pocketbook, and often adjust the price of decryption up or down during communications with a victim. The group behind the Baltimore attack demanded a $70,000 ransom, but city officials took the advice of the FBI and refused to pay.
Outdated software with known security vulnerabilities is a common attack vector. But ransomware attacks don't necessarily need to exploit software flaws. They often come in the form of clever "phishing" emails that encourage you to click a link, or open an important-looking document.
The threat has become so great that several international organizations have teamed up to fight it. The “No-More-Ransom” site is an initiative of the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky Lab and Intel Security. Its mission is twofold: preventing ransomware infections and helping the infected recover their data without paying the crooks.
When you first visit the site, you’ll be asked whether you’re already infected with ransomware. Answer “no” and you’ll be taken to the Prevention page, which is full of advice on how to avoid becoming a victim. Many of these tips are things I have urged upon my readers for years, including making multiple backup copies of vital data, using robust anti-malware software, and keeping operating system and application software up to date with the latest security patches.
Trust No One
Other good advice there includes “Trust no one. Literally.” Do not click on any link or file attachment - even if it seems to have been sent by your bank, your brother the IT administrator, or your Mom - until you know what you are clicking on. If a message seems out of the ordinary, call your contact and ask if he or she sent it. No account is safe from hacking or impersonation (“spoofing”).
For further protection, enable the ‘Show file extensions’ option in the Windows settings on your computer. To do so, type “folder options” in the Start menu’s search box and click on “Folder Options” in the search results. In the dialogue window that opens, select the “View” tab. Uncheck the box next to "Hide extensions for known file types". Click “OK” to save this change and close the dialogue window.
The purpose of showing common file extensions is to help you spot executable files (programs) that are disguised as non-executables. With “hide extensions” enabled, a file named WatchMe.avi looks like a video file. But with all extensions revealed, it may be WatchMe.avi.EXE and that is a big red flag. If you see multiple file extensions, delete the file without opening it.
Are You Infected?
If you answer “yes” to the question, “Are you already infected with ransomware?” you will be taken to a series of pages that can help diagnose and treat the infection. The site’s “Crypto Sheriff” page asks you to upload two samples of encrypted files from your hostage hard drive. These are analyzed for patterns used by known variants of ransomware.
You will also be asked to send “any email or/and website address you see in the RANSOM DEMAND.” The ransom note itself contains clues to the identity of the hostage-takers and the ransomware that infects your computer.
The site will look for a decryption key or method in its extensive database of known ransomware. Hopefully, it will provide a solution that you can use to decrypt your data without paying the bad guys any money.
You might also benefit by reading the Ransomware Q&A page, which goes into detail on the history of ransomware, the various forms it can take, and how a ransomware attack works.
I urge you to take the preventive measures listed on the NoMoreRansom.org website, and keep the address handy. You or a friend may find it handy one day.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 7 Jun 2019
For Fun: Buy Bob a Snickers. |
Prev Article: See These Free Microsoft Office Alternatives |
The Top Twenty |
Next Article: Trace an Email? Here's how... |
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin Subscribe to AskBobRankin Updates: Free Newsletter Copyright © 2005 - Bob Rankin - All Rights Reserved About Us Privacy Policy RSS/XML |
Article information: AskBobRankin -- Ransomware: Are You at Risk? (Posted: 7 Jun 2019)
Source: https://askbobrankin.com/ransomware_are_you_at_risk.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "Ransomware: Are You at Risk?"
Posted by:
Stuart Berg
07 Jun 2019
Bob,
I'm very surprised you didn't mention any free anti-ransomware software. For example, I use AppCheck Anti-Ransomware because it's free, gets good reviews
https://www.techworld.com/download/security/appcheck-anti-ransomware-25272-3331355/
and is very unobtrusive. Your future opinion of anti-ransomware software would be of great interest.
Posted by:
Donn
07 Jun 2019
Stuart, I don't know you and won't download.
Posted by:
Pete
07 Jun 2019
Thank you again!!!!
Posted by:
Stuart Berg
07 Jun 2019
Donn,
I don't blame you for not trusting someone you don't know. However, there is no danger in you searching for anti ransomware software on the Internet. For example, you will find that Malwarebytes has a free anti-ransomware program and they are reasonably well known and generally trustworthy.
Stu
Posted by:
Stuart Berg
07 Jun 2019
Donn,
One more thing: PC Magazine is a trusted source of computer information and Neil J. Rubenking in particular is VERY experienced and well respected. He published an article in March 2019 in PCMag titled "The Best Ransomware Protection for 2019". You will find the article here:
https://www.pcmag.com/roundup/353231/the-best-ransomware-protection
I believe most people will find this article informative.
Stu
Posted by:
David
07 Jun 2019
A little paranoia is good, but don't just write off something automatically. Do some research, then decide. Techworld is not a rogue site, and I'd be surprised if they didn't have a review of any software they link to.
Posted by:
Bill C
07 Jun 2019
I think maybe Donn was being just a little "tongue-in-cheek" there.
Posted by:
john
07 Jun 2019
While backing data is a good idea, it is also a good idea to frequently do a full disk image or clone backup. Windows has several programs for that purpose, I use Clonezilla as it works with multiple OSs and it is free. It takes about 5 minutes to back up or restore my OS.
Posted by:
Derek
07 Jun 2019
Trust nobody is good advice. I have good reasons not to trust Microsoft. The only malware I have ever been hit with is windows update. If they would provide security-only updates I would accept them. Until then I'll stick with Winpatrol, an antivirus, and backups.
Posted by:
Dave
07 Jun 2019
backup, backup, BACKUP!
If you don't backup, you will learn the hard way!
(everyone does)
I think just about Everyone who frequents this site knows about backing up.
I hear "but I was going to backup tomorrow" all the time. That is too late! Backup now!
Then again, I make money recovering files, so don't backup. I can use the extra cash :)
Posted by:
David Ruedeman
07 Jun 2019
Shame that Micro$oft made it risky to perform their updates. I used to regularly check for updates but now that is considered "Asking for trouble." It also seems that MS will change their advice regularly in this regard.
Posted by:
Dick Ferris
08 Jun 2019
Bob,
Thanks so much for this valuable info. Wish I had it a month or so ago. I have spent a lot of time trying to undo damage created by ransomeware hackers. I have received a bunch of email demanding ransome, but haven't responded to any of it. At least now I may be to do something about it.
Posted by:
john
08 Jun 2019
For David - about Microsoft changing their advice regularly, I'd be worried about MS if they did not change their advice to adopt to the ever changing threat environment. And my wife figured out a way to handle the Micro$oft concern - she invested in their stock.