Sunday, August 30, 2015

Ransomware: a serious and growing threat

Last month I explained how you could avoid visiting "bad" web sites. This article describes the very serious threat of Ransomware. I don't like to write "scary stories" about online dangers but this one is serious and has afflicted several acquaintances. The latest plague on the Internet Land is dubbed Ransomware because these attacks take control of your computer and demand payment. There are two different versions - one not too serious and one really, really serious.

In the first case, clicking on a link in an email message or web page takes you to a fraudulent web site. You will immediately lose control of your computer which is now controlled by code in your browser. The web page displayed will be overlaid by messages saying your computer is locked and you need to "call this number" (don't) for assistance. You cannot get rid of the message or do anything else with your computer. Even if you restart your computer or the browser, the problem often persists. There are so many browsers and operating systems versions I can't tell you exactly what to do. I will say the problem is usually not "fatal" meaning no loss of data and there are ways to deal with it that should be found by a search - obviously on another computer.

The second case is much more serious. Again, clicking on a malicious link (do you see a pattern here?) can cause a total lock up of your computer AND YOUR DATA. Your data is encrypted (unusable) and you will be instructed to pay a fee of several hundred dollars to fix the problem - which of course they may or may not do when you pay up - remember these people are criminals. Sometimes your data can be retrieved by an expert and sometimes not. What can you do?

Prevention is the only good approach because there is no certain cure; you should have a good back up system. Assume all your data will be lost sometime. This can include a backup disk strategy that is well thought out - unconnected backup disks (otherwise they might also be corrupted), disk rotation including off-site copy, etc. Increasingly we are turning to cloud storage to put our information in an entirely different location. Dozens of these service exist - Dropbox, Box, Sugar sync, MS iDrive, Google drive, Apple iCloud, etc.

Of course the best strategy is to use more than one - combine local storage with a remote service. I was a cautious at first but my preference now is to use cloud storage - iCloud and Dropbox - for my "originals" and make copies on to my local hard drives from time to time. Having the originals stored in the cloud makes them accessible from any device anywhere. I use the word "originals" advisedly since the original meaning of original no longer applies. My originals are the cloud based working copies - which are occasionally backed up locally.

No comments:

Post a Comment