The New Media Institute (NMI) is a research and fact finding organization whose mission is to improve public understanding of issues surrounding the Internet and other forms new media communications. NMI works directly with the news media, researchers, academics, government and industry professionals and serves as a primary resource of facts, statistics and analysis.
Ransomware - Cyber Security Threat
- Categorized in: New Media News
Cryptolocker and a variety of other versions of what is now termed “ransomware” are endemic on the web. Basically, these are viruses that lock your computer files until a ransom payment is made. This is occurring more often than you think. The process has been named “cryptoviral extortion,” and usually propagates like a Trojan, opportunistically infecting computers. The threat is designed to extort money in return for “releasing” your computer. The fact is that money can be paid and your computer is still not released. Never pay ransomware extortion!
There are a number of ways to protect against ransomware but the single greatest protection you will have against this threat is a regular, secure, and frequent backup of all your files and your hard disk. If your files get encrypted and you have a safe, clean backup, all you have lost is your most recent work if you are attack.
Protect Yourself and Your Business:
- Backups: Any local data that's critical should be frequently and regularly backed up. If you work in the cloud, all major cloud storage services block cryptoviruses payloads from their storage space. Anything stored there should be secure. If you store locally, your antivirus protection will help to protect your documents and data files. Keep alert to the danger of ransomware. A good backup will help expedite any recovery process.
- Antivirus: Make sure everyone has their up-to-date anti-virus software on and running. You can install or reinstall the anti-virus on any machine that's not protected. It's all under your existing subscription.
- Updates and Patches: Everyone should be on automatic updates for Windows and other software. Microsoft traditionally does large updates and security patches on Tuesdays. If anyone gets a message that an update did not install, run the updates manually. Keep your operating system and software up-to-date with the latest patches.
- Web Links: Do not follow unsolicited web links in email. This is especially important for Ransomware. Even unexpected links and attachments from known senders should be avoided. Call the sender if necessary to make sure the link or attachment is legit.
- Attachments: Use caution when opening email attachments.
- Browsing: Follow safe practices when browsing the web. Tell everyone not to click randomly and avoid any advertising links on a website that are not familiar.
In the event an infection takes place, not panicking is the most important advice to remember. The machine in question should be immediately shut down and taken off line. If you can get a screen shot of the actual ransomware notice, great! Any document immediately being worked on should be considered lost, but any earlier versions that have been backed up should be safe. The workstation itself should be restarted only when you have a boot disk and software immediately available to reboot it directly into an anti-virus removal tool like Hit Man Pro, Malwarebytes, or MS Security Essentials Removal Tool, etc. If caught early, a lot of the more prevalent ransomware (there can be more than just one kind on your computer) can be removed and the computer cleaned before everything is “locked”.
Depending on the malware/ransomware itself, the workstation and the files on it may, or may not be salvageable. In the worst case scenario, the device gets wiped and everything gets reinstalled from your backups.
Backups and antivirus software are critical components of good computer security.