Let’s look at ransomware – software that holds your computer hostage until you pay up – and how best to protect yourself.
Spoiler alert: you already know the answer.
What is ransomware?
First, let me tell you that ransomware is actually nothing new. It’s received a lot of press lately for the latest variant, but the technique has been around for a long time.
It’s nothing more than malware which encrypts some large portion of the machine or its data and then holds it hostage until you pay some exorbitant fee to (hopefully) regain access. The most recent variants are using good encryption, so once your machine has fallen victim to it, the outlook is actually pretty bleak.
Note the word I used: malware. Ransomware is just malware. It’s really just spyware, a virus, whatever you want to call it – and it’s just another thing that hackers do once they gain access to someone’s computers. It’s very destructive malware, it’s effective at what it does, but it’s just malware.
And that should give you a huge clue on how to prevent it.
You protect yourself from ransomware exactly like you protect yourself from all viruses and malware.
- You should have a firewall. A router is probably good enough and an additional software firewall is fine if you’re paranoid. Turning on the Windows 7 firewall these days is usually enough.
- Run up-to-date anti-malware tools. I happen to recommend Microsoft Security Essentials, but there are many, many others. Make sure that they are running and up-to-date.
- Keep your system and software up-to-date.
- And of course the usual advice applies: don’t download random things from the internet; don’t open attachments that you aren’t completely certain are valid and correct. The most recent and virulent ransomware seems to arrive most often in the form of an email attachment.
Basically, do all the things you should already be doing to keep yourself safe on the internet. In fact, that’s the article that I’m going to point you at (“Internet Safety: 8 Steps to Keeping Your Computer Safe on the Internet“) because that’s really all this boils down to doing.
This happens to be just one style of threat – a particularly nasty one – but one that you protect yourself from it in the exact same way that you protect yourself from all other styles of attack… all other styles of malware.
The safety of backups
One final thing that I will throw out is that having a good and recent backup1 can save you almost immediately.
If you find that your machine has been encrypted by ransomware on Tuesday, restoring to a backup you took on Monday would make it almost a non-event. Aside from any work performed since the Monday backup, you’d have your machine back and running again in no time, without having to pay any ransom.
There is almost nothing that a good backup can’t save you from – and this is another case where, if you have current up-to-date backups for your machine, even something like ransomware doesn’t necessarily need to get in your way.
Should I pay the ransom?
I say that for two reasons:
- These are malicious hackers. Once they have your money, there is zero incentive for them to actual deliver on the promise of decryption. You’ll be exactly where you were when the ransomware took over, just poorer.
- Paying them encourages them to keep doing this.
Stay safe, use a backup, and never negotiate with hostage takers – even when it’s your data they take.