In increasingly more common "ransomware" attacks, cyber-criminals infiltrate a computer, lock or encrypt sensitive files, and hold them hostage until the owner pays a ransom. Such attacks have been waged against corporations, hospitals, law enforcement agencies, universities, and even NASA, as well as average computer users. If the victims don't pay, it's almost certain they will never get their data back, whether it's an almost-finished manuscript or family photos. The good news: A few relatively simple, inexpensive precautions can dramatically reduce your chances of becoming a victim.
How to Stay Safe From Ransomware and Other Hacker Attacks
Cyber-crooks have far less leverage if they're trying to deny access to something you have backed up on a hard drive in the sock drawer. Back up files regularly on a physical drive such as the well-reviewed 1TB Toshiba Canvio Basics external USB 3.0 Portable Hard Drive, which comes with a free standard shipping for $51 at Best Buy. It's a lot less than a data kidnapper will demand in ransom payments.
For a ransomware attack to succeed, it usually requires the victim to take action: Some victims click a toxic link sent on social media or through Skype chat or open an email attachment that lets the attacker in. So the least expensive yet possibly most powerful action to take to prevent an attack is to do nothing at all -- don't click or open anything you weren't expecting to get without being absolutely sure of its safety, and that includes being skeptical of links or attachments from friends or family. Ransomware criminals like to hack an account and blanket the victim's contact list with bait.
People are naturally curious. They find a flash drive, assume someone accidentally dropped it, and can't stop themselves from wondering what interesting, scandalous, or secret things they might find, or think they just got something for free. But hackers have been known to drop infected flash drives in public places for just this reason. When people plug in a mysterious flash drive to satisfy their curiosity, they inadvertently do the hackers' work for them. In an age when flash drives with as much storage as many computers can cost $6, snatching up a free one isn't worth the risk.
Autoplay allows applications to open digital media instantly, and ransomware can exploit this and trick computers into running a program. When autoplay is turned off, users are prompted before media files are opened, which allows an opportunity to examine the source. This is a free way to potentially save lots of money.
The best anti-ransomware defense is layered, with simultaneous use of the big three: antivirus applications, firewalls that block unauthorized access, and web filtering software that can guide users away from a constantly changing list of dangerous sites (and keep them off-limits to kids). Make sure the firewall is turned on; PC users who want more than what's built in to Windows can buy a security solution with a firewall starting at $30. And Panda Security has a free, cloud-based antivirus solution that PC Magazine scores higher than paid competitors.
For absolutely free protection, accept and install all updates to computer operating systems, browsers, and plug-ins as soon as they arrive. Many updates involve patches and security enhancements for vulnerabilities that companies such as Apple and Microsoft work constantly to find and repair. If they've already identified a vulnerability in an operating system, chances are cyber-criminals have too. The easiest targets are computers running on yesterday's patches.
If you're attacked by ransomware, it is highly unlikely you'll be able to recover or unlock files on your own, but you should still know the dos and don'ts. First: Do not restart the computer! This is a common mistake people instinctively make in hopes of remedying the problem. But restarting almost certainly won't undo any damage and will very likely help the malware expand to other files. One thing you should do is disconnect from the internet immediately, and from any network the computer shares with other devices.
Most of the information needed to avoid becoming a ransomware victim is free and readily available online. Stay up to date with constantly changing threats. Do you know what a watering hole attack is? Do you know the telltale signs of a social networking attack? Maybe you've heard of phishing, but what about spear phishing? When there's enough free time to flip through sites on your phone, consider reading up on these threats and tactics and the many others out there -- instead of watching videos of puppies on skateboards.
For people who have already fallen victim, there's only one way to save money: Don't pay the ransom. It is common for the attacker to take over victims' screens with a message claiming to be from a law enforcement agency such as the FBI (often with a message that says their computers were used in a crime or to view child porn) and saying they must pay fines, almost always in untraceable Bitcoin, to regain control. But this is never the work of an actual law enforcement entity -- and the FBI officially advises against paying any ransom. Doing so could result in ongoing extortion, or the criminal may simply take the money and run without providing the unlock key for the encrypted files. Payments embolden attackers to victimize others and, even worse, the ransoms could be used to fund other illicit activity.
A site called No More Ransom, created by Interpol, Dutch law enforcement, and the companies Intel Security and Kaspersky Lab, includes a free repository of keys and applications that can decrypt data locked by various ransomware schemes. "Not every type of ransomware has a solution," the site says, but it has more than 160,000 decryption keys in its arsenal.