Ransomware is your worst nightmare! Several of my clients were hit with this, some more than once, over the last 12 months. I’ve written a couple of blog posts about it already and here I am again to let you know that this is going to get worse. All the major internet security companies are flagging 2016 as the year of ransomware.
What is ransomware?
It’s when a hacker steals your information or takes control of your computer and holds data for ransom. Usually it starts at around $500 and increases the longer you don’t pay. It’s a very, very nasty piece of software that can literally destroy your world (your computer files) in a flash.
How does ransomware work?
The files themselves are protected with 256-bit AES encryption. The keys generated by this first encryption process are then protected with 2048-bit RSA encryption, and the malware author keeps the private key.
I own a Mac. Am I safe?
Mac’s are less likely to be infected with malware & viruses but IT DOES HAPPEN! I’ve fixed several in 2015. The experts expect ransomware to start targeting Mac OSX in 2016 due to its growing popularity.
10 things that will help protect you from ransomware?
Firstly, take the common sense approach.
- BACK UP YOUR DATA – Don’t think “It will never happen to me” because it’s only a matter of time. Be it ransomware or a crashed hard drive.
- Once you have finished backing up your data, remove the device you have backed it up on. If it stays attached the ransomware can encrypt it.
- Keep your antivirus software up to date
- Make sure your computer updates are always up to date. Windows and programs. Check out Patch My PC for a cool free tool to ensure your programs are up to date.
- Don’t put anything online that you don’t want stolen because it can be used against you
- Show hidden file-extensions – Ransomware often hides in normal looking files. Eg you might see resume.pdf but it may actually be rasume.pdf.exe and install ransomware
- Filter EXEs in email – if you are able, deny emails sent with “.EXE” files.
- When you receive an email with a link or a button to click check who it was sent from. You can hover over a link and see if you recognise the url that pops up or appears in the bottom corner of your screen. For example, this one says yourbank.com.au but if you hover over it you will see something else. Don’t worry this one is OK to click on, but many are not even if they appear to come from someone you know.
- Disable RDP – Remote Desktop Protocol. Cryptolocker is known to exploit this.
- Disconnect from WiFi or unplug from the network immediately if you suspect anything is wrong. If you act VERY quickly you might be able to stop communication with the server before it finish encrypting your files.