The “No More Ransomware” Project
Ransomware is the fastest-growing scourge on the Internet. This diabolical form of malware, which encrypts one’s hard drive and demands payment for the key, has exploded in recent months. Here's what you can do to prevent a ransomware attack, and quickly recover if it does happen...
Are You at Risk?
According to Kaspersky Lab, over 700,000 users fell victim to ransomware attacks between between April 2015 and March 2016 -- a 5X increase compared over the previous twleve month period.
You are a potential victim whether you are a major corporation, a small business, or a home computer user. Ransomware doesn’t care whose computer it infects. Distributors of ransomware will tailor their demands to the victim’s pocketbook, and often adjust the price of decryption up or down during communications with a victim.
Ransomware attacks often come in the form of clever "phishing" emails that encourage you to click a link, or open an important-looking document. Outdated software with known security vulnerabilities is another common attack vector.
The threat has become so great that several international organizations have teamed up to fight it. The “No-More-Ransom” site is an initiative of the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre, Kaspersky Lab and Intel Security. Its mission is twofold: preventing ransomware infections and helping the infected recover their data without paying the crooks.
When you first visit the site, you’ll be asked whether you’re already infected with ransomware. Answer “no” and you’ll be taken to the Prevention page, which is full of advice on how to avoid becoming a victim. Many of these tips are things I have urged upon my readers for years, including making multiple backup copies of vital data, using robust anti-malware software, and keeping operating system and application software up to date with the latest security patches.
Trust No One
Other good advice there includes “Trust no one. Literally.” Do not click on any link or file attachment - even if it seems to have been sent by your bank, your brother the IT administrator, or your Mom - until you know what you are clicking on. If a message seems out of the ordinary, call your contact and ask if he or she sent it. No account is safe from hacking or impersonation (“spoofing”).
For further protection, enable the ‘Show file extensions’ option in the Windows settings on your computer. To do so, type “folder options” in the Start menu’s search box and click on “Folder Options” in the search results. In the dialogue window that opens, select the “View” tab. Uncheck the box next to "Hide extensions for known file types". Click “OK” to save this change and close the dialogue window.
The purpose of showing common file extensions is to help you spot executable files (programs) that are disguised as non-executables. With “hide extensions” enabled, a file named WatchMe.avi looks like a video file. But with all extensions revealed, it may be WatchMe.avi.EXE and that is a big red flag. If you see multiple file extensions, delete the file without opening it.
Are You Infected?
If you answer “yes” to the question, “Are you already infected with ransomware?” you will be taken to a series of pages that can help diagnose and treat the infection.
The site’s “Crypto Sheriff” page asks you to upload two samples of encrypted files from your hostage hard drive. These are analyzed for patterns used by known variants of ransomware.
You will also be asked to send “any email or/and website address you see in the RANSOM DEMAND.” The ransom note itself contains clues to the identity of the hostage-takers and the ransomware that infects your computer.
The site will look for a decryption key or method in its extensive database of known ransomware. Hopefully, it will provide a solution that you can use to decrypt your data without paying the bad guys any money.
I urge you to take the preventive measures listed on the NoMoreRansom.org website, and keep the address handy. You or a friend may find it handy one day.
Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 4 Aug 2016
|For Fun: Buy Bob a Snickers.|
Securely Erasing Data Just Got Easier
The Top Twenty
Verizon + Yahoo = Trouble For Consumers?
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter
Copyright © 2005
- Bob Rankin - All Rights Reserved
Article information: AskBobRankin -- The “No More Ransomware” Project (Posted: 4 Aug 2016)
Copyright © 2005 - Bob Rankin - All Rights Reserved