Ransomeware is a computer program (malware) that when installed and run on your computer it will encrypt almost every file on your computer then give you a pop-up warning that you have a certain amount of time to pay the software distributors a ransom to get the password to unlock all of your files. There are dozens of varieties of ransomware, but they do about the same thing: they hold your data and files for ransom. One insidious version lets you either pay to unlock or infect others and once they have paid their ransom your computer will be unlocked.
To defend yourself, the best method is to back-up your computer on a drive that is not continuously connected to the computer (otherwise the ransomware will lock up the files on it too) using a program that saves incremental versions of your computer. The reason to have incremental backups is because often ransomware has an incubation period so that your latest backup might already contain the malware. If you get ransomwared you can then simply wipe your drive and install from your backups. You are doing this already in case your hard drive fails, right?
Last November San Francisco’s train ticketing system was ransomwared and they recovered using their backups.
Another piece of advice you probably already know: use antivirus/anti-malware. They can see the signatures of some of the known ransomware versions and protect you.
Watch out for macros. These are Microsoft office files that have code built into them. A common attack is an email with a word document that has instructions that if it doesn’t look right you need to enable macros. It will never look right and once you enable macros they own you. Another trick is you will get a file emailed to you with a name like “invoice.docx.exe”. This is not a word document but an executable file that will run if you double click it. Be very careful with emails in particular and if you get a link you are worried about, check it first using one of the many free link safety checkers like Google’s.
Finally, if you find yourself installing software you weren’t looking for don’t install it. If you do install software, keep it up to date (especially flash and java for your web browser).
Finally, if it is too late, you are ransomwared and you don’t want to pay there are free decryption tools that can sometimes unlock your files at the No More Ransomware Project’s website.
For more information on cybersecurity and how to protect yourself, please join us for a cybersecurity webinar April 6 with Laura Baker from Medicine Bow Technologies. The Wyoming Small Business Development Center also provides free and confidential cybersecurity advising if you or your business has particular concerns or questions.
Jim Drever is a counselor with the Wyoming SBDC.