We’ve written about Cryptowall ransomware before on a couple of occasions (A Ransomware Survival Story; Ransomware Recovery – Be Ready in Advance). Ransomware isn’t new, but it continues to evolve – and that isn’t a good thing.
And just in case you’re still not sure what ransomware does…it’s malicious software that renders your files unusable until you pay a ransom. It does this by encrypting end-user data files (including photos, documents, spreadsheets, videos and several dozen other file types). There isn’t any anti-virus or anti-malware program that can unencrypt the files. If you don’t have another copy, you then must pay the ransom or decide that you can live without the files. If you do pay the ransom, then you are usually given the encryption key to unencrypt your files.
To answer “yes” to the question, “Am I prepared for ransomware?” you need to be certain of the following:
I regularly archive/backup all of my files so that I can restore them to a previous state should there be a catastrophe on the primary computer where they are stored.
Maybe a simpler way to think about this question is this: If someone stole your computer where you store files, would you still have a copy of the files somewhere?
Now, this isn’t the only thing you should be doing but this one is the only one that truly indicates that you’re prepared. You can be doing everything else right, but if you’re not backing up files, then you are not prepared. To really be prepared, you have to assume that you will be hit with ransomware.
There are many variants of ransomware and the big one in 2015 has been CryptoWall 3.0. The Computer Threat Alliance (members include Intel, Symantec, Fortinet, and others) claims that CryptoWall 3.0 generated at least $325 million in ransom in 2015 and states that this is a conservative estimate. CryptoWall 3.0 is not a handful of basement hackers. It is run as efficiently as just about any other business. There’s even a call center where you can get assistance if you don’t understand the steps necessary to pay the ransom and to unencrypt your files. And if that isn’t bad enough, CryptoWall 4.0 is now making its rounds and it is far nastier.
So what should you be doing to protect yourself? Here’s my short list. All of these are important, but the last one is the one where most computer users completely fail.
- I use a commercial anti-virus and anti-malware program and I keep it updated.
- I make use of a firewall.
- I have educated myself to recognize when links may be dangerous.
- I backup my files regularly to another place (can be another computer or a data archive service).
File Sharing Services like Dropbox, Google Drive, OneDrive, and Soonr can also be a big help because they save previous versions of files. If a file becomes corrupted (encrypted by ransomware for instance), you can often revert back to the previous version of the file. Because the encrypted version of the file is now a new version of the file, the previous version is now the file before ransomware encrypted it.
I don’t think you should rely on file sharing services alone, but they really could save you should you get hit with ransomware. I strongly encourage to also backup your files to another place. There are plenty of good cloud-based services now and prices for using them continue to become more competitive. PC Magazine has a good review on Online Backup Services from May of 2015. That would be a great place to start to understand what is available.