Ransomware is the name given to a family of malware that is designed to block access to data or a computer system until a sum of money is paid. Ransomware is the fastest growing type of malware.
Security Video Series with Sabre Networks - Keys to Protect Your Office Network
There are a few different types of Ransomware:
- Scareware – Malware claiming to be tech support personnel or cyber security firms will pop up a message on your computer claiming you are infected or compromised in some way and you must pay them to clean it up. Use your own AV software to clean your system to get rid of scareware.
- Screen Locker – This type of malware will take over your pc and make using the system difficult if not impossible. Common variants of this malware claim to be FBI or IRS freezing your computer due to some accused transgression on your part. This malware is a little tougher and may require special tools to clear up.
- Encrypting Ransomware – This guy is the most vicious. With these variants your data is encrypted and you must pay the bad guys for the decryption key. If there is no back up then the only option is to pay the ransom or say goodbye to your data. This is the type of ransomware we will talk about here.
So now that we know the enemy, how do we protect ourselves? First, you should have good anti-virus software. See this article for rankings of the best anti-virus programs. Don’t be surprised, however, if your anti-virus software doesn’t protect your 100% from encrypting ransomware. Heimdal Security wrote an interesting article explaining why so much ransomware is getting past the anti-virus software. Still, good antivirus is a good starting point.
Next, good backups are a must. Once the encrypting ransomware has done its damage, the best option is restoring from backup. Be sure you have backups that are disconnected from the source when not in use. Many encrypting ransomware variants will seek out and encrypt any backups it can find, rendering them useless. So use a good cloud-based backup or a physical backup that is periodically disconnected from the protected system, ie, rotating backup drives.
Other defenses include spam filters with anti-virus engines and end-user education. Email scams, especially Phishing, are the most common carrier for spreading encrypting ransomware. See my previous article on 8 Ways to Protect Yourself from Phishing scams.
There is no length to which cyber criminals won’t go to relieve you of your data and money. Unfortunately, the good guys are a little behind on this one. Until the technology to protect us matures, be diligent in your online travels. Watch for suspicious links, have good, monitored protection systems, and have good backups!