Criminals don’t need to kidnap humans to extort money out of individuals or organizations. They’ve found something that’s possibly just as valuable and can be much easier to obtain: your computer files.
Ransomware – a form of malware that infects a computer and encrypts all its files – is nothing new. Since 1989, beginning with the AIDS Trojan, which was distributed using floppy disks to attendees of the World Health Organization’s international AIDS conference, cyber criminals have been offering ultimatums to victims: pay the demanded ransom or lose your data forever.
This malicious software has adapted seamlessly with technological advances and now spreads through infected programs, compromised websites, and email attachments. From the moment a victim clicks the infected mode of delivery, the virus begins encrypting everything on their computer, as Lee Danielson – who happens to be my father – discovered last year when his computer was hijacked by ransomware.
In what he calls “rotten luck and timing,” Danielson was scrolling through his inbox when he happened upon an email that claimed to be from Florida’s Broward County Clerk office, which said that it had information on his pending case. At the time, he happened to be fighting a parking ticket. While his “gut feeling” told him there was something odd about the government sending an email over a letter, he proceeded to do one thing that sends shivers down every cybersecurity expert’s spine: he opened the email attachment.
Every file on Danielson’s computer was replaced with a ransom note explaining his files were no longer his and if he wanted them back, he’d have to follow the provided link where he could pay to get the key to unlock his files.
His only thought? “Damn it. I’m screwed,” which was about the same advice he received from an IT expert he used for work, and Best Buy’s Geek Squad.
Both essentially told him, “pay up or wipe your computer clean.” The ransom note even told him not to bother buying anti-malware software because his computer was beyond saving.
This story is echoed by an ever-growing number of victims. Large and small enterprises, government organizations, average consumers, and even police departments have all been either forced to give in to the ransomware authors’ demands or lose everything. Most ransoms are between $200 and $10,000, and they’re often paid through the cryptocurrency Bitcoin.
The most prevalent ransomware, CryptoWall, cost victims around $18 million from April 2014 to June 2015, the FBI says. And the problem is only expected to get worse.
But there are resources out there meant to stop these attacks as they happen.
One example is Blue Ridge Networks’ AppGuard, which is designed to stop both known and unknown malware from ever making its way onto your computer.
It’s widely regarded as a solid solution for preventing ransomware. Its partnerships include CenturyLink Federal and AOL, as well as other organizations in the banking, ATM, and cloud sectors, and it was named Government Security News’ winner for the best anti-malware solution for 2014.
John Higginbotham, the CEO of Blue Ridge Networks, told Business Insider that there are “5 new types of malware every second hitting the marketplace” and AppGuard has the capability to “essentially prevent breaches – call it instant response without detection – for any of these forms of new malware.”
But when you build an iron fortress, sometimes you can run into issues.
In the case of AppGuard, the product offers “very robust protection,” as one avid user of the security forum malwaretips.com, HJLBX, told Business Insider via email. But because AppGuard “blocks all applications – safe, unsafe, and unknown,” essentially locking down a system, using “the interface can be tedious” depending on how you use your computer.
Even XhenEd, another member of the malwaretips.com community, who said he would recommend AppGuard above all others, said in an email it could be a “hassle sometimes” when it came to navigating the system and lowering security to run certain safe executable files.
But, as XhenEd put it: “Prevention is better than a cure.”
What the FBI says to do
- Use antivirus software and a firewall and keep them updated.
- Turn on automated updates for your OS and web browser.
- Enable popup blockers.
- Always back up your computer and store files offline.
- Be skeptical of websites, downloads, emails, or attachments that you are unfamiliar with.
- Use strong passwords and don’t use the same one for different accounts.
- Apply the same precautions you use on your desktop to your mobile phone.

But once ransomware is in your system, there is little to nothing you can do. Even the FBI says you have pretty much three options: “revert to back up systems, contact a security professional, or pay.”
My father happened to be using an old work computer that didn’t have any real sentimental value to it. In his words: “The last thing I was gonna do was be ransomed by anybody for any amount.”
And as he points out, there is no guarantee that paying will be the end of your relationship with your cyberattacker. There’s nothing stopping these criminals from attempting to extort money from you down the road, and no assurance that you will get your information back. Even when people do pay for the decryption key and receive it, there is no way to know if you’ll be able to completely decrypt your files.
My father decided to “cut his losses” and just get a new computer, but he only had to give up a few meaningless pictures that were from his job. But what if his computer had contained pictures of my brother and me that had been misplaced in a move? Or the one digital copy of his now-deceased father playing his saxophone?
What would you consider “cutting your losses,” and what would you give anything to get back?