Ransomware, malware that locks you out of your own machine — is on the rise, according to an alert issued by the United States Computer Emergency Readiness Team (US-CERT). The agency, which is part of the U.S. Department of Homeland Security, has noted a surge in dangerous ransomware infecting private and business computers and even in hospitals.
When ransomware infiltrates your computer, it takes over and locks you out of your own machine unless you pay a ransom. The lockout can take the form of access restriction or file encryption. The malware then informs you what to do via intimidating, panic-inducing onscreen messages such as these:
- Your computer has been infected with a virus. Click here to resolve the issue.
- Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine.
- All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data.
Once you've been infected, you'll be unable to use your computer. The malware holds your machine hostage until you give in to demands for money, usually in the range of $200 to $400 payable via virtual currency such as bitcoin.
Ransomware commonly spreads through attachment-laden phishing emails, instant messaging applications on social media and drive-by downloads that trick you into visiting a website that loads malware onto your computer, according to US-CERT. If you suspect a message or file you've received may be malicious or fraudulent, report it right away to the Federal Bureau of Investigation’s Internet Crime Complaint Center.
If you've been struck by ransomware, your options are limited. The best option is to restore your computer to its factory settings and then recover your files from your latest back up (you are backing up your files, right?). If you don't have a back up copy of your files, we don't recommend paying the ransom. Even if you cough up the money demanded by the hackers, there’s no guarantee they will unlock your computer or decrypt your files. And even if they did, there’s no guarantee they would also remove the malware.
So an ounce of prevention is worth a pound of cure. US-CERT recommends these preventive measures to avert ransomware infection:
- Back up your data regularly and keep copies in offline storage. We recommend using cloud backup that syncs you files, so they're always up to date, like Dropbox. For local, offline backups, we recommend the 2TB Western Digital Elements for $80.99 on Amazon or the sleeker 2TB Seagate Backup Plus Slim for $88.90 on Amazon.
- Apply security updates and patches for your operating system. These updates often close up the security holes and vulnerabilities that malware exploits.
- Install a reliable antivirus program and keep it up to date. Always check downloaded executable files with your antivirus program before running them.
- Restrict others from installing and running unknown or unwanted programs on your computer.
- Disable macros in email attachments (this is disabled by default). Viruses and malware often unleash their malicious payloads through macros embedded in attachments. The macros run when you open the attachments, so don’t open email attachments from suspicious sources. See US-CERT’s guide on recognizing and avoiding email scams for more tips.
- Avoid falling prey to social engineering and phishing. For instance, don't click on URLs in unsolicited email.
[Image credit: Ransom ware - Keyboard locked in a chain via Shutterstock, Seagate]