HomeBiz TechAfter WannaCry, Should You Worry About Ransomware? | Neil J. Rubenking

After WannaCry, Should You Worry About Ransomware? | Neil J. Rubenking

Ransomware is all over the news. Experts estimate the recent WannaCry attack affected as many as 300,000 devices globally. If you’re worried about falling victim to ransomware, there are a few things to consider.

OpinionsHow would you react if someone stole your home computer? What if your hard drive failed and wiped out all your programs and data? If you’re prepared with a full, offsite backup, encrypting ransomware needn’t be a big worry. Just clean out the malware with a tough antivirus, delete the encrypted files, and go on with your life. You don’t even have to buy a new computer and reinstall all your programs, as you would if it got stolen.

However, if you’re not confident you could handle the loss of all your documents or some items on your computer are irreplaceable, then yes, you should worry about ransomware. But there are ways to protect yourself.

You Probably Aren’t the Target

Malware of all kinds is big business these days, and ransomware is no exception. It makes more sense for hackers to target an essential institution like a hospital, or a business that loses thousands of dollars every hour its computers are down. WannaCry ransomware, for example, hit Britain’s National Health Service, Nissan factories, and Russia’s central bank, among many others.

A few years ago, I saw a lot of piddly little consumer-level ransomware attacks demanding payment using gift cards. The perpetrators distributed these widely, through spam and phishing. I encountered many of them in my hands-on antiphishing tests. Most were poorly designed, and quite a few proved to be pure bluff; they didn’t encrypt anything at all. I’m seeing these less and less as the malware coders focus more on businesses.

That doesn’t mean a ransomware attack couldn’t hit your computers, though. And preparing to ride out such an attack also prepares you to deal with the consequences if your computer gets stolen or bricked.

Backup, Backup, Backup

Modern Windows versions push hard to have you store your documents in OneDrive, and they make doing so extremely convenient, as do other cloud storage and sharing services. But there’s a catch.

Automatic, easy cloud storage of your files requires a constant connection to the cloud. In many cases, your cloud storage appears as if it were just another disk drive. That can make the files vulnerable to a ransomware attack, just like any local or network drive. Indeed, some attacks deliberately start with non-local drives, to do as much damage as possible before anyone notices. Go ahead and use Google Drive, iCloud, OneDrive, whatever cloud storage you prefer, but also set up a secure, dedicated online backup system.

Options will vary depending on which service you choose, so study the configuration choices carefully. Don’t enable any features that make the backup appear as a disk drive in Windows Explorer. Do make sure to enable multiple versions, so if an encrypted document gets backed up, you can drill down for an unencrypted one. And turn on the backup system’s own encryption.

Acronis True Image 2017 New Generation didn’t earn our Editors’ Choice designation as a backup program, but when ransomware is the issue, it’s a total standout. Its Acronis Active Protection system watches processes for behavior that suggests ransomware activity. On detecting an attack, it kills the process and warns you to run a full antivirus scan. If any files got encrypted before it took down the attack, it restores them from backup. And the online backup system itself is hardened against unauthorized access.

What About My Antivirus?

If you’ve taken my advice, you have a powerful security suite installed on all your computers, just waiting to blast malware of all types. And yes, it really should smack down a ransomware attack before it does any damage. In the wake of the WannaCry ransomware attack, Norton, McAfee, Bitdefender, and other vendors broadcast emails reassuring users that their suite protects against WannaCry.

However, there’s always that minuscule chance that a brand-new, zero-day ransomware attack might slip past your protection. If that happens with a Trojan, or a virus, or almost any other kind of malware, it may give you some trouble, but an antivirus update should wipe out the nasty program before long. The problem with ransomware is that even after the malicious program’s ignominious demise, your files remain encrypted.

Telecommuting Woes

If you work from home, you should definitely worry about ransomware. You’re using a home network, without the business-level protection offered by the main office. And you may well be using the same computer for work that you do for your personal activities. You’re no more likely to suffer a ransomware attack than the average user, but the consequences are potentially much higher.

I’m a perfect example. My main computer brims with articles, spreadsheets, screenshots, and so forth. Once an article goes live on PCMag.com, the original is no longer critical, but I’d hate to lose all my projects that are still in progress. I use multiple backup systems, including a Network Attached Storage device, but I don’t stop there.

Symantec’s Norton Internet Security Premium is my main defense against malware; it would have stopped WannaCry. However, I’m also running not one but two utilities specifically designed for ransomware protection: Cybereason RansomFree and Malwarebytes Anti-Ransomware Beta. Both are lightweight and unobtrusive, and both proved effective when I tested them (carefully, in an isolated virtual machine) using real-world ransomware samples.

Hold the Door

Ransomware most commonly enters your home or business computer through an email attachment or phishing attack. Don’t open the door! If you receive a document you weren’t expecting, even if the sender seems to be valid, don’t open it without verifying, perhaps by calling or texting the sender.

Don’t click links in email either, at least not without carefully vetting them. In most email clients, pointing at a link with the mouse gets you a popup that displays the URL. If it doesn’t look right, leave it alone. You can also right-click the link, copy it to the clipboard, and paste it into a document for a good look.

This advice applies at work, too. I haven’t heard of anyone getting fired for clicking the wrong link, at least not yet. But you’re out of a job just the same if the ransomware you inadvertently released puts your company out of business.

Be Prepared

Barring an unprecedented innovation in computer security, ransomware is here to say. It hauls in cash, and that’s what the malware coders are after.

Your appropriate level of worry about ransomware depends on just how valuable the data on your computer is, and on how well you’ve prepared to resist a ransomware attack or, in the worst scenario, recover from one. A full backup of all essential files paired with a strong security suite is a good start for your home computer. Adding a layer ransomware-specific protection couldn’t hurt.

Your business is more likely to suffer an attack than you. At work, you don’t have control over things like security software and backup. However, you can be a good employee by staying alert for email-based attacks. And if you see something, say something (to the IT team).

I don’t seriously expect to experience a ransomware attack myself, not unless it’s something I caused deliberately, for testing purposes. However, I’ve taken all the precautions I described above. You should, too.

(via PCMag)

No comments

leave a comment