Ransomware is a new breed of computer virus that is wrecking havoc on individuals and businesses alike. Once infected, ransomware will encrypt all of a user’s documents and files and then demand a ransom from the victim using bitcoin or in other hard-to-trace digital currencies. The ransoms are usually hefty (to the tune of over $500 or even thousands of dollars), and often times, that amount goes up if the ransom isn’t paid fairly quickly.
Mac computers are no longer immune. Just today, Reuters reported that the first known ransomware affecting Apple computers has been discovered.
Unfortunately, Ransomware can affect an entire network. Recently, I got a phone call from a concerned employee of a local company whose data on that company’s server was encrypted by a strain of the virus. An employee’s computer got infected with a type of ransomware, and once the virus had encrypted all of that local user’s files, it was able to encrypt all of the files that person had access to on the company server.
Although the company had a full time IT staff person, the employee who called me was concerned that there may be additional measures I could take to help them avoid paying the ransom (which doesn’t always work). After I briefly spoke with their IT staff person, I knew that there was little else I could do.
Paying the ransom doesn’t always work. There is no guarantee you will actually get your files and folders back. It should be your absolute last attempt at getting your files back (if they are that important to you).
The best method of defense is to keep your computer’s software updated and to always have good backups. I’ve written several posts on keeping your computer secure (Windows Updates & Other Security Patches, Password Security & User Accounts and Three Ways to Secure Your Data are just some of the posts I’ve published).
It is imperative to keep good backups. Syncing your data (think: Dropbox Sync or Google Drive Sync) is NOT a proper backup. When I help clients setup a backup system that “syncs” into the cloud, I first setup a folder onto server or NAS that no one has access to, I setup a task on the server to take multiple revisions (versions or copies) of the company’s files and store it into that folder, and then finally, I sync that entire folder into the cloud.
Other ways to backup this data include manually backing it up onto an external hard drive (and then making sure that the hard drive is disconnected from the server or computer that is being backed up). This isn’t a recommended approach, though, because it takes time & effort.
Finally, Malwarebytes has launched a new anti-ransomware program. It is still in beta, so there may be some additional bugs in the software that need to be fixed before it is ready for prime-time, and Malwarebytes recommends installing it into a non-production environment first, but this is a huge step forward. I have successfully tested this on my Windows 10 VM (Virtual Machine) and have had very few problems with it.