By Scott Baughman
Your incoming email chime dings and you flip over to your inbox to see a new message. The sender has the name of a close friend or significant other. The message says something innocuous like “Thought you’d like this” or even “Check this out!” with it’s breathless anticipation implied by an exclamation mark.
But when you open the message there’s nothing there but a link – maybe it’s to a website or even offering to collaborate on a Google Doc.
Whatever you do – DO NOT click this link. Hackers are on the prowl again and this is their latest tactic for luring you into installing malicious software on your machine. But this time it isn’t just about making a mess of your hard drive, it’s about holding your data for a ransom in the latest twist on a new type of tactic called ransomware.
I’ve written about ransomware once already – back in 2015. Over the intervening years the problem has only gotten worse. Last month, the computer system for the entire government of Mecklenburg County in North Carolina was held hostage after an unwitting employee did indeed install some ransomware by accident. The hackers locked up the computers and then the servers of the county so badly, that the county had to get on local radio and TV to inform citizens that they wouldn’t be able to use many county services. This included scheduling building inspections, coordinating benefits for certain county staff, setting up visitation schedules with the county’s Department of Social Services, scheduling appointments for the county’s various medical clinics and, of course, checking on or even applying for county building permits, sewer permits, park and recreation permits or any other kind of permit.
And then they added that they were working with the FBI and the National Security Administration to try and track down the origin of the hack and restore functionality to the county’s computers. They said it could take several days or weeks – WEEKS! – before the county was back to normal.
The most shocking part of the attack was the size of the ransom the hackers were demanding – $23,000. For reference, when I wrote my article in 2015 on ransomware the average ransom demand was $300. Inflation moves at light speed in the cybercrime world, apparently. Worse, there’s no guarantee that even after you pay the ransom – normally demanded in Bitcoins – the hackers will follow through with their agreement to fix your files and restore your system. They are criminals, after all.
So, dear reader, what’s a citizen of the 21st century to do? Here are six tips to help you keep your system, especially your business-related system, from getting infected and even if you do get infected with ransomware these tips can help you recover without being at the mercy of criminals:
- Get a firewall: If you’re connecting to the Internet in this day and age without any kind of firewall – a hardware or software “barrier” between you and the web – stop doing it right now and go install one. Get a software firewall that scans your environment for harmful attachments, worms and viruses and warns you of them.
- Don’t share your administrator passwords: Even if the only people who log on to your devices are family members, make sure everyone has their own username and password and only one or two of you have full privileges to make changes to the system.
- Be wary of Google results: When you search up a term on Google, don’t just click the first result on the list without paying close attention to what that first result is actually linking. Hackers can sometimes fool you with a Google sponsored ad at the top of your search result list that’s a link to ransomware.
- Call for backup: I don’t just mean asking for help – although that’s always important – but in this case get a Time Capsule from Apple or log on to Carbonite.com and set up a backup of your critical data. This way, if you get locked out due to ransomware you can just restore your system and go on your merry way.
- Look out for viruses that pretend they are anti-virus software: Watch out for anti-virus software that shows up in a pop-up ad and warning you that it just found a virus on your system. That’s almost always a scam to trick you into actually installing a virus.
- Make sure you know your ransomware: Not every piece of ransomware actually locks you out of your system. It just makes it APPEAR you are locked out. If the ransomware is only blocking your access by butting a barrier between you and the computer’s interface, you can often reset your system – sometimes with a simple power button press – and you’ll be fine.
And those are my best tips so far. Until next time, let’s try to stay clean out there and…Download Complete!