Ransomware is Getting Worse (here's what to do)

How to Defend Against Ransomware Attacks

Ransomware is an insidious form of malware that locks a user's files with encryption and demands a hefty payment to restore access. It typically spreads when a user clicks a link in a phishing email or on an infected website. Ransomware is a fast-growing and quickly evolving menace, impacting home users, businesses, schools, and government agencies.

The FBI advises ransomware victims not to pay the ransom, because doing so lines the pockets of the cybercriminals and encourages them to continue. But there's another reason you shouldn't pay. According to a survey by the CyberEdge Group less than half of ransomware victims actually get all their files back after paying up. "Timely backups," they say, are the "most efficient defense against ransomware infections."

A ZDNet article says that the authors of GandCrab, one of the most successful ransomware programs, claim to have "retired" this past June, after earning over $2 billion. But a ransomware variant known as REvil emerged at the same time, and is believed to be related to GandCrab. Decryption keys were made available to combat GandCrab, but REvil is now wreaking similar havoc. ZDNet has some advice for limiting the potential damage of ransomware attacks: Users should apply security patches and regularly back up their data.

The Cybersecurity and Infrastructure Security Agency (CISA) also reports an increase in ransomware attacks across the world. CISA says that "anyone with important data stored on their computer or network is at risk," and recovering from a ransomware attack can be a difficult process, with no guarantee that payment of the ransom will restore access to one's files. CISA recommends the following steps to protect against ransomware:

• Keep software and operating systems updated. Outdated software is a common attack vector.
• Never click on links or open attachments in unsolicited emails.
• Backup data on a regular basis. Keep it on a separate device or store it offline.

Hopefully you noticed the common thread there. Users who fail to backup their data are the ones who will pay (literally) for that mistake. But not all backups are created equal. Note the advice from CISA about backups: "Keep it on a separate device or store it offline." That's because a backup on an any device that's connected to your computer is vulnerable to a ransomware attack.

As I mentioned earlier this week in iDrive versus Ransomware, "When ransomware first arrived, it would target only your system (C:) drive. But later 'improvements' in the diabolical software extended its reach to other connected devices, such as flash drives, external backup drives, and networked folders. So a ransomware attack can scramble any locally reachable data, and even infect other computers on a local network. But if your backup resides in secure password-protected cloud storage, it's beyond the reach of ransomware."

Yes, you could make your backup and then disconnect the backup device. But no backup regimen will be successful if it's not fully automated. What are the chances that you'll remember to reconnect your backup drive for those nightly, weekly, and monthly backups? I encourage all AskBob readers to check out iDrive, my recommendation for cloud backups. PC Magazine gave it their Editor's Choice award for best backup five years in a row. In my opinion, it's currently the best of breed online backup solution.

The iDrive Personal plan normally costs about $5/month for 2 Terabytes of online backup space. But I've negotiated a special deal for my readers. If you sign up with this link you'll get a 95% discount on your first year of iDrive, and up to 5 Terabytes of storage. So your price will be just $3.48!

I talk in more detail about iDrive in my article in iDrive versus Ransomware. I hope you'll check it out.

EternalRocks: This New Ransomware Is Stronger Than WannaCry!

Share

Watch on