4 Things You Must Know About Ransomware Attacks
It sounds like something out of a Liam Neeson movie, but ransomware attacks don't take people hostage; they seize your computers. The University Of Calgary recently learned just how expensive these attacks really are, to the tune of $20,000. Here are four things you must know in order to protect your personal or business data from being compromised and losing money in the process.
How Do You Know If You've Been Attacked?
Most people know if their computer has been hit with malware, but ransomware can be a little different. It actually encrypts the files on your computer, leaving them inaccessible. And unlike with some types of malware, you really can't decrypt or get rid of it on your own. Ransomware can scramble your file names, leaving you clueless as to which ones have been affected. But if you're still in doubt, a message will be displayed, letting you know that you have been infected, a ransom is due, how much you have to pay, and a deadline for payment. There have also been occasions where phony messages from the Department of Justice have flashed across the screen, saying that illegal activity has been detected on the computer, and to avoid jail time, you must pay a fine.
Attackers, if they're smart, will ask you to pay in bitcoins, a form of digital currency that can't be traced but can be spent all the same at certain places.
Should You Pay Up?
Once you pay the ransom, you're supposed to get a decryption key that will release your files. So it seems the logical thing to do. But there are a number of things to weigh when deciding whether or not you should give the money to the attacker as nothing is guaranteed.
The University of Calgary ultimately decided that paying the attacker was pretty much a no-brainer because of the type of research they do and the fact that faculty and staff both depend on being able to access information for work. And although students were not targeted, they still were not able to get their email for a short period of time, which placed an enormous burden on their studies. Officials admitted they knew there was no guarantee they would be granted access to their files again, but it was a risk they were willing to take.
Whether you pay the ransom or not, ransomware attacks are criminal behavior, so involving the police as well as getting help from cyber experts is strongly recommended. You should also notify the Canadian Anti-Fraud Centre. It may be possible to find the suspect before losing your money. But law enforcement, with the help of IT professionals, can continue on with the investigation after you've paid the ransom.
Are You At Risk?
Assessing your risk for a ransomware incident is similar to gauging your openness to any sort of malware attack. In other words, anyone is prey. But there are some common threads to look for.
Cyber criminals will pretty much target anyone and everyone they can, but it seems as though the healthcare industry has been hit more than others. Why? Well, doctors and hospitals are more vulnerable, especially with patients' lives at stake. Therefore, they are more likely to pay the ransom.
But here's the thing: attackers don't generally seek out a particular victim; they pretty much go for whoever they can, and the weakest link ends up taking the fall. It is thought that criminals initially "tested" out their ransomware on individuals at home then moved on to the big dogs with more at stake, like police departments, schools, government officials, and hospitals.
Individuals that seem to be at a particularly high risk are those who neglect to back up data, use out-of-date programs, and rely solely on anti-virus software for protection. Businesses at risk are those with plenty of money, those that are likely to pay the ransom so their day-to-day isn't interrupted, and businesses that are less likely to alert police should a ransomware attack occur, i.e. those that may be involved in "fishy behavior."
How Can You Prevent It?
There are a number of steps you can take to protect yourself and your business. One of them is simply backing up your data every day to an external drive and/or the cloud. That way if you do receive a ransom note that you can't or won't pay, at least you won't have to worry about losing all your files
Other common-sense measures like implementing popup blockers and avoiding clicking on pop-ups or downloading attachments sent from strangers should always be adhered to. But you should also consider investing in anti-ransomware. Most anti-virus protection programs don't cover this, although computer anti virus services are always good to have.