Ransomware: A global threat

Why can’t I use a credit card everywhere in the world?
July 4, 2017
Bolt P2PE and CardConnect
July 18, 2017
Why can’t I use a credit card everywhere in the world?
July 4, 2017
Bolt P2PE and CardConnect
July 18, 2017

Ransomware is the new threat in the cyber world. Any computer or user can potentially fall prey to it and it leaves the user with a feeling of helplessness. There is some shame that comes with it after all you just perceived yourself as getting hacked and you might be out a lot of money. There are a few things that you should know.

Criminals have been evolving in the sophistication of their attacks. At first it was just a malicious toolbar or something like that that causes performance issues. Then it was something like a trojan or keylogger to try to get your passwords or credit card information. Now it is ransomware. It takes complete control of your computer and locks you out. Your data is encrypted and the attacker promises to unlock it when you pay up, often in bitcoins. The thief also gives you a 72 hours window to pay up. They now control all of your stuff, your photos, your music, your tax documents and your business records. That’s scary.

Unlocking your computer may not be cheap. An email address is provided and on occasion you can negotiate a better ransom figure, after all these thieves know that not everyone is super rich and getting as much money as they can is their goal. Before you do that there are a few things you should think about.

Security experts and the FBI recommend that you do not pay the ransom. The purpose of ransomware is to instill fear in you and a sense of urgency. After the deadline passes in most cases your data will not be gone but the pricetag will go up. Paying up for an individual usually runs about $700 but for a business it can be in the tens of thousands of dollars. You also do not have to go it alone. A group of cyber security firms and organizations started nomoreransom.org to aid victims of ransomware. You can upload one of the files to the page and they will let you know if they can help. Other sites like bleepingcomputer.com also offer help.

If you have never been hit by a ransomware attack there are several things you can do to prevent it or fix it quickly. The most important things that can be done is to keep your computer and all of its software up to date. Not only is this an important part of PCI compliance but it makes good business sense. If the vulnerability that a criminal uses to exploit your computer is closed they will move on to finding another computer that is open. Another thing that you should do is to backup your data. Put your tax records, your photos, business records or anything you can’t live without and put it on an external hard drive or burn it onto a disc. If you do that and you are hit with a ransomware attack restoring your computer system may be the quickest way to fix it and with your data safe and secure you can do it knowing it will all be there when you’re back up. Leave the external hard drive unconnected so it cannot be compromised. Also only download and install software from trusted sources. If you get a message to install something and did not do anything to prompt it or do not recognize it do not install it.

For some other tips and information check out the FBI’s page on ransomware.