Your Files for Ransom

Your Files for Ransom

What if you went to a city office to carry out a transaction, and the person behind the counter gave you a handwritten receipt? Well, last week, the City of Baltimore had to write lots of paper receipts, after attackers launched a successful ransomware attack called RobbinHood that took down many of the city’s computer systems. Baltimore is one of many local governments that have recently fallen victim to a ransomware attack and this is Baltimore’s second ransomware attack this year.

So, what’s ransomware? Ransomware is a type of malware that enables an attacker to encrypt someone's files, blocking access to them and threatening to delete them unless and until the victim pays the ransom the attacker demands. Most of the time, after the victim pays, the attacker provides instructions for decrypting and recovering the files. So, if you turn on your computer, and see something that looks like this, then you are the latest victim of a ransomware attack.

Attackers almost always demand payment in Bitcoin. This is because it is digital, untraceable, and no government controls it. Sometimes this involves going to a Bitcoin ATM to pay the money. (Yes, these really do exist.) In a dystopian twist, some ransomware authors even offer customer support whose stellar level of service rivals that of many legitimate companies!

Ransomware is unique in that it requires victims to interact directly with attackers, even though the attacker’s identity remains hidden. James Scott, Sr. Fellow, Institute for Critical Infrastructure Technology, said it best in that, “Ransomware is unique among cybercrime because in order for the attack to be successful, it requires the victim to become a willing accomplice after the fact.”

If you want to hear a real-life account of someone who was the target of a ransomware attack, then watch this video from PBS NewsHour:

Ransomware attacks are chilling, and for good reason. Many individuals and organizations pay the ransom, giving thousands of dollars to attackers to regain access to their very own files. However, you can take steps to prevent an attack. For example, always keep your computer up to date so that attackers cannot exploit known vulnerabilities, such as what happened when WannaCry exploited out-of-date Windows operating systems. Running an out-of-date or unsupported operating system is like securing the entrances to your home with broken locks. Take it one step further by ensuring Windows security updates are installing automatically. Also, back up your data on a removable hard drive or the cloud, and version your backups, so that if ransomware encrypts the current version, then at least the previous version is available for recovery.

Finally, the weakest link in any cyber-defense scheme is people. Therefore, make security awareness a part of everyday life. For example, if you know your parents or grandparents do not know that opening some email attachments can deploy malware to their machine, then train them. The same goes for your kids, spouse, significant other, other loved ones, friends, and coworkers. In conclusion, preventing ransomware attacks can be confusing and overwhelming. So, when you need help navigating ways to prevent malware attacks, just call or email us. We offer a full-range of services that can help!