GoldenEye. WannaCry. Petya. CryptoLocker. Crysis. zCrypt. Powerware. HydraCrypt. Cerber. RAA ransomware. CryptoWall. These are just a few of the 16 known families of ransomware now threatening computer systems worldwide.
Way back in 2013 (that really doesn’t seem that long ago does it?), CryptoLocker showed cybercriminals how successful ransomware could be. That form of ransomware was quickly replaced by CyberLocker. Just a little over a year ago, there was another ransomware attack named Locky. It was described “as bad as ransomware can get” by cyber security experts.
Since last year, the ransomware attacks have continued to be relentless and more vicious. On May 12, cyber criminals unleashed the WannaCry ransomware attacks that spread to more than 200,000 systems around the world, holding hostage hospitals in the UK, automakers in Italy, FedEx in the U.S., railway companies in Germany and China’s state oil company. And just over a week ago, Petya spread around the world, demanding $300 in Bitcoin payments to restore computer systems. Petya now appears to be worse than first thought. Instead of restoring files when paid, it simply wipes affected computers outright.
This is the fastest growing crime on the Internet. In 2014 alone it grew by 4500 percent, and in recent news it shows no signs of stopping anytime soon.
Your best defense against these ransomware attacks is to not become a victim in the first place:
• The first step is to make sure your computer is clear of infection, using and updating security software.
• Once you’re sure your computer is free from infection, perform a backup of your hard drive. When the backup has been completed, be sure you unplug your backup device from the machine for safe storage. Backups will help mitigate ransomware by allowing you to restore your system to unencrypted status.
• Next, update your computer’s operating system. These updates will include patches being released for particular variant streams of malware.
The majority of ransomware attacks enter computer systems via email. Following are some email security tips:
• If the email is from someone you don’t regularly communicate with or don’t know at all, be wary. Did the CEO of your company just reach out to you out of the blue? Did you receive an email from a friend you haven’t heard from for a long time?
• Another quick trick is to check what time it was sent to you. Was it during normal hours? A message sent at the wrong time of day could prove to be bogus.
• Look to whom the message was sent. Is it just you, or is it a group of people? If it’s a group, are these people you usually share information with, or just a random grouping? If it seems unusual, something may be up.
• Hackers do their damage by counting on you to open an attachment or click on a hyperlink that allows them into your files. Before you open any attachments or click on any links, be sure to read the content carefully and ask yourself if it is relevant to you. It is recommended to be especially wary of any Microsoft email attachments that advise you to enable macros to view its content. Make sure any email you open is from a genuine, trusted source. If not, immediately delete the email.
Remember, ransomware will attack your home computer, business computer, iPads, etc. If your system does become infected, it is highly recommended you don’t pay the ransom.
Consider this: If you pay, you’re basically hoping you’re dealing with an honest thief. Maybe he’ll unlock it, and maybe he won’t. You could be asked to pay again and again!
Cheryl Parson is president of the Better Business bureau serving West Central Ohio. The BBB may be found on the Internet at www.lima.bbb.org.