Well, now it’s “Your money or your data!” It’s a new form of online extortion known as Ransomware. When it is installed, it immediately begins to encrypt all personal files; Pictures, documents, videos, and music are all at risk. The encryption is essentially unbreakable, and you get a message on your screen something like these:
This is very bad news.
Despite the fact that some of the examples above are displaying various law enforcement images, they are all the work of criminals that want to extort money from you, hence the name, ransomware. Instead of kidnapping you, they kidnap your data. Even some Police departments and hospitals have been forced to pay up (typically $200-$500, sometimes more) to get their valuable data back. It’s often impossible to retrieve the data any other way, and, of course, sometimes the criminals may not even hold up their end of the “bargain” after being paid. It’s much, much better (Not to mention cheaper), to not get into this situation in the first place.
Yes, your antivirus or anti-spyware program might find and delete the offending program… But by that time, the damage has been done, and deleting the program will not un-encrypt your files!
Your very first line of defense is to be very, very suspicious of anything that wants to install itself unexpectedly. This includes files that purport to be media players, games and security software. These often use social engineering to con you into installing them; for instance, “See naked pictures of (fill in name of celebrity here), or any other link that can be classified as Clickbait (defined as a link so provocative, scary, prurient, or otherwise so interesting in a juvenile sort of way you almost can’t help clicking it!), When you click on such a link, you might get a message saying, “You need to install (media player or other program) to view this content,” or sometimes “Virus detected! Install (Name of software that looks vaguely security-related).”
All of the above applies to email attachments and links as well.
Never, Never, Never install anything from a pop-up or similar message.
Second, there are browser add-ons that can help warn you about malicious sites. My favorite is Web of Trust, which can be installed on Internet Explorer, Firefox, Opera, and Chrome (but currently not the new Edge browser that comes with Windows 10).
Third, there is User Account Control (UAC), on all current versions of Windows. This is that annoying box that
spoils your fun when all you want to do is play that latest game or video. It is there for a reason. It’s to inform you that whatever you’re trying to do will make changes to the computer. This is your last chance to change your mind about installing things that might contain malware.
Fourth, there are a few companies building software to “immunize” your machine against ransomware. Malwarebytes, one of my favorite programs, has an anti-ransomware program in beta right now: https://forums.malwarebytes.org/topic/177751-introducing-malwarebytes-anti-ransomware-beta/
and BitDefender has one also: https://labs.bitdefender.com/2016/03/combination-crypto-ransomware-vaccine-released/
These programs do not absolve you from due diligence. Just as air bags in your car should not be construed as a license to drive recklessly, do not think you can do anything you want if you have one of these installed.
Finally, a good, frequent, tested, backup plan can help in this and many other disasters. Choose a backup plan that has versioning, so that even if your system backs up the encrypted files, it should also have the last “clean” version available. Read my post on backups here.
For even more empowering technology info, read my new book, “Deciphering the 21st Century,” Available now!
I’d love to hear your comments!