Ransomware – OMG I thought I had a backup !

Ransomware – OMG I thought I had a backup !
I’ve been reading some stuff on Ransomware. I haven’t been paying any attention to this because I thought I was protected. I have a network storage disk which backs up my files on a daily basis using Time Machine.  If I had a big issue with my Macbook, I would restore the OS and restore the files over Wifi. Easy right? Well, that’s what I thought.

Ransomware

So what is Ransomware? Ransomware infects your computer if the recipient opens a link on an email or you visit a site which has been infected. Your files are then quickly encrypted and you are then presented with a ransom note. This is either in the form of an open text file or your wallpaper is changed. You’re then required to pay a ransom to decrypt your files. Payment is done using bitcoin which is untraceable. Often the payment network traffic and servers are encrypted too which means it’s really hard to detect.

The criminals may decide to keep your money and not give you the decryption key for your files!

As I have virus protection, I thought I’d be protected against Ransomware, but the truth is that things are evolving so fast that slight variants can be undetectable,

What do I do then?

So here are some tips to counter the threat:

  1. Develop your own backup strategy. Don’t keep your eggs in one basket. Keep multiple backups in different locations. Make sure that your backup device is not permanently connected as you’ll be leaving your files open to encryption, rendering them useless. Think about getting a separate USB hard disk and keep your life’s worth of documents and photos there. Name the folders with the date and replace these occassionally. Should you get hit by Ransomware, you’re not going to lose as much.
  2. Be especially sceptical about email links and attachments. Are you expecting this email? Do you recognise the sender’s email address? I don’t mean the sender’s name but the email address used. For instance, “HMRC” sender name can be spoofed. Anyone can setup an email address with “HMRC” as the sender name but what about the email address? The best defence is to be mail savvy! No one is going to send you a free iPhone ! However, if you’re provided with a button to get more information on delivery, would you click it? Avoid clicking on mail links – period. Be sceptical! Ensure your virus scanner is up to date.
  3. Avoid working on your computer using an administrator account because if something goes wrong when you open an email attachment, for instance, that program will be run using that administrator account and will have full access to your computer. You should try to use a separate account for working on your computer on a day to day basis.
  4. Install every program update in a timely fashion. This leaves a smaller window of opportunity for external threats to exploit your system.
  5. Use a password manager. This will ensure that you don’t keep using the same passwords and it has the added benefit that you only need to remember one password. Great! Find out more here: Security Tips

Feel free to comment on this. I value your opinion. Please consider subscribing to my blog or following me:

Leave a Comment