fbpx
Contact Us

The Risk Ransomware Poses to Everyday Families

Go Back

Ransomware is an ever-growing problem for individuals and businesses alike. So much so, that somebody like you and I are hit with ransomware every 10 seconds! Ransomware is crippling because it purposely ‘locks’ critical files on your computer that your device cannot do without (system files fundamental to the running of your computer) or personally important stuff that you would be devastated to lose (wedding photos, personal documents, family videos, etc.). It then demands a ransom to release those files back to you.

Why is Ransomware so Devastating?

It does all this through the use of something called ‘encryption’. Remember the film ‘Bletchley Park’? It’s what the Germans used so effectively in World War II with their Enigma Machine that Alan Turing famously cracked in 1941. That was all centred around cracking the German encryption code. The reason why ransomware is so crippling is because strong encryption is unbreakable. Literally. Not even the militaries, governmental spy agencies (like GCHQ or the NSA) or multi-billion dollar tech firms could recover your data if a strong encryption algorithm was used.

What is Encryption?

Encryption is the process of scrambling data so that it is unreadable to anyone without the password. It can be tricky to get your head around so I’ve provided an example below. The encryption ‘algorithm’ I’ve used below is called a substitution algorithm. You have two alphabets (normal vs encryption) and you swop out the associated letters. When decrypting you use the table to swop the letters back to interpret the message!

If we wanted to decrypt “Nqgubt umzfu” we first want to find the ‘N’ in the encryption row and see what the associated letter is on the Normal row is (it is ‘R’). This is then repeated for each letter in each of the encrypted words. Once we’re finished we can see it becomes “Ransomware sucks”! Grab a pen and paper and give it a go yourself! Try and decrypt “sgznljcbg nmvsu!” – see footnote for the answer!

Why is Ransomware so Widespread?

The WannaCry ransomware devasted the NHS in the UK back in 2017 and a new strain of the same virus, Petya, is wreaking havoc across police stations, small businesses, massive multinational organisations, government websites and people’s personal devices at the moment. It’s becoming so prevalent because it is a massive earner for cyber criminals. Symantec’s Annual Threat Report found that the average ransom has increased from $294 (£210) in 2015 to $1,077 (£768) in 2017, a 366% increase! Cyber crims are realising that most people will pay these kinds of figures to save their wedding photos, baby videos, entire music collections and years of memories. This figure is just an average and we have seen ransoms specifically set for specific targets, e.g. the MIRCOP ransomware specifically targeted high net worth individuals demanding £15,000-30,000 ransoms. It’s so profitable in fact that the creators of the infamous CryptoLocker ransomware virus are believed to have made as much as $30 million in as little as 100 days .

So, Should You Pay the Ransom?

It will be abundantly obvious when you’re struck by ransomware because instantaneously you’re device will lock-up. You’ll be displayed with a page that asks for payment (the ransom) to unlock your files. So, here’s the big question…should you pay the ransom to get your files back?

Absolutely not (in my humble opinion). Never ever pay ransoms. It may be tempting but it could open up a whole world of hurt. Why? There are several reasons;

1. You won’t necessary get your data back! Simply paying the ransom doesn’t mean you’re guaranteed you’ll get your data back. These are professional fraudsters and tend not to be the reliable stand-up citizens you’d hope they were! Symantec found that only 47% of victims who paid, actually got their files back !

2. Handing Payment Details Directly to Fraudsters. If you do pay the ransom, you are doing so knowing that you are giving your payment details directly to cyber criminals. Do you think they won’t defraud you further once they have your payment details?

3. You May be Added to a ‘Sucker List’. Cyber criminals maintain things called ‘sucker lists’ which are the contact details of all those people who either have a propensity to pay ransoms or have chronically poor security and therefore are worth targeting numerous times. Much like customer lists that big corporations buy and sell for their marketing campaigns, fraudsters buy and sell these sucker lists on the Darkweb. Once on a sucker list, not only would you have to cancel whatever card and email address you used to pay the cyber criminals, you’re now highly likely to be specifically targeted in the future for further attacks. The key is this - the cost of being on a sucker list will be significantly more over your lifetime than the initial cost of paying the original ransom.

What Can We Do To Prevent Being Stung By Ransomware?

Aside from trying not to get it in the first place, the best protection is to get your data so well backed up that if you are struck by ransomware you can shrug it off as at most, a minor inconvenience. You may need to reinstall your operating system (which actually would act as a great spring clean anyway!) but this pales into insignificance when compared to the effort you’d need to go through recovering data once it’s been encrypted.

See the tips below to avoid getting ransomware in the first place and how to get your data securely backed-up in case it does strike.

  • Never click on links or attachments in suspicious emails: this is one of the most common delivery methods for ransomware. If an email looks suspicious, scan it with your anti-virus program and/or delete it.
  • Ensure your web browser security is up to scratch: ensure that the web browser you use to browse the web is fully locked down. More specific guidance on this is provided in the ‘Secure Browsing’ section – click here to read more!
  • If Using Windows, Disable RDP (Remote Desktop Protocol): most people don’t use the RDP feature of windows which allows a remote person to access your PC but yet it remains active and acts as a way in for potential ransomware attacks. For Windows 10; Control Panel > Remote System Properties > Check Don't Allow Remote Connections to This Computer.
  • Back-ups: setup automatic and secure cloud-based back-ups of your main device. Having a cloud-based solution means that it is detached from your PC and won’t get corrupted if you’re attacked. We cover off the best way to get backed-up later on in the book!

Get a Decent Anti-Virus Program…

The above tips are important but won’t mean anything if you don’t have a decent anti-virus (AV) in place. A good AV will protect you from both malware and ransomware attacks. Having an AV is a non-negotiable and you need it for almost all devices (except iPhones and iPads). So, Mac users, windows and android users you all need it! Why iPhones and iPads aren’t required is for another time (you can read more about this is a post I did here). Luckily, there are some good all-in-one packages that make protection against ransomware a walk in the park!

So, what anti-virus do we need?

Well, without getting super technical…it needs to use something called ‘behavioural based detection’ and not ‘signature based’. Signature-based can only detect virus that we already know about. Behavioural systems identify threats by abnormal activity on your device and so have the ability to detect both already known attack types and new ones too. Many computers today come with some form of AV built in (e.g. Windows Defender), however, a lot of these are not up to scratch. Therefore, we need to select our own anti-virus program we know is tried and tested!

You can get both paid for and free AV software – some of the free products are actually quite impressive. Having reviewed results from independent antivirus testing labs, the best products in my opinion are as follows.

Laptops and PCs;

a) Bitdefender Antivirus Plus – this is the one I have and it’s fantastic. It offers 30-day free trial of the full version so you can road test it first and it only costs £39.99 per year (1 device). It’s great for both Mac and Windows PCs. During recent lab testing, this product blocked 100% of all viruses and malware that was thrown at it , all while having zero negative impact on system performance. Some of its other great features I really like are that it has a multi-layered approach to ransomware defence which most products still don’t have. It integrates with your web browser and secures your online shopping experience by preventing phishing and identity theft type attacks. But best of all, it has an autopilot function which once switched on means that it’ll automatically scan, update itself and deal with any threats all by itself without any intervention required from us. They even throw in a VPN (Virtual Private Network) for free so it’s even better value! We’ll come onto VPNs in the ‘Virtual Private Networks’ chapter.

b) Avast – the free alternative is Avast but beware, in order to make it free they bundle in some unnecessary other software so be sure to remove it once installed! A small price to pay for a premium AV at zero cost.

The cost of these is minimal for the level of protection you receive and both embody behavioural based detection so you know you are getting the most advanced protection available.

Top Tip: for those who have Windows Defender Security Centre (which provides anti-virus, firewall and parental control capabilities) I would disable the ‘Virus & Threat Protection’ (the anti-virus) and have Bitdefender Antivirus Plus recommended above as this default Windows AV is not particularly good for malware and has no protection against ransomware. Installing a third-party antivirus will disable the Windows Defender Antivirus automatically and it won’t affect the functionality of the other Windows Defender Security Centre functionalities.

Mobile Devices;

You may have noticed that earlier in this post I stated we need anti-virus software for “almost all” devices. It is true that Apple iOS devices are more resilient to malware threats than Android phones, due to the sandboxing technology that Apple iOS devices use. So, for iOS devices as long as we’re using the other protective measures I recommend (see post here) (e.g. secure media vault, device remote wipe app and screen locks) our iPhones and iPads will be protected.

If you have an Android device, I’d recommend Norton Security and Antivirus. It has a strong malware monitoring capability and if you opt for the paid version it’ll cover up to 10 devices (great for families). It also has an ‘App Advisor’ for Google Play app store to ensure you’re only downloading safe apps and has a well-designed user interface (a Free version is available).

Wow, well we’ve covered a lot there. Hopefully now you understand a lot more about ransomware attacks, how they can impact you and how you can protect yourselves against them. If you’ve already been struck by a ransomware attack, there is a number of things you can do to try and recover your locked data – visit the SOS Centre now and I'll help you resolve it.

As always, I’m always eager to hear your thoughts on ransomware or how you protect yourselves so if you have any comments do get in touch!

 

Jonny

Founder of www.SimpleCyberLife.com. Cyber security expert, public speaker and entrepreneur.

www.jonnypelter.com

jonny@simplecyberlife.com

 

Leave a Reply

Your email address will not be published. Required fields are marked *

Hacked Social Media Recovery Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share some internet safety tips. You of course can unsubscribe at any time.

Free Protection Checklist!

Pop your email into the form below and we'll send you the link to your internet safety protection checklists!

We hate spam and won't send you mindless marketing emails. We share internet safety tips. You of course can unsubscribe at any time.

Free Cyber Bullying Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share some internet safety tips occasionally. You of course can unsubscribe at any time.

Free I've Been Hacked Handbook!

Pop your email into the form below and we'll send you the link to your free handbook!

We hate spam and won't send you mindless marketing emails. We share internet safety tips. You of course can unsubscribe at any time.

Top