Ransomware!

A term that strikes fear in computer users around the world (except, perhaps, in Russia) - and rightly so! According to an e-mail newsletter I just received from Webroot, the most recent incarnation is both more sophisticated and more expensive than any previous version. It is referred to as CryptoWall 4.0, and the going rate for the “key” you will need to decrypt your computer files is now $700.

For those not familiar with the term, “ransomware” refers to malicious software installed on your computer designed to kidnap your files. It encrypts your files, so that you cannot access them or use them. Shortly after encryption a message will appear on your computer screen telling you that your files are now encrypted and that you have a limited time to pay a ransom to that person or organization in return for the decryption key. You will be told to purchase Bitcoins equivalent in value to the ransom amount specified, and be given instructions about how to do this and how to transmit those Bitcoins to the kidnapper. This notice may include a reminder that if the Bitcoins have not been received by the deadline specified, the amount of the ransom will double. Further, if the ransom has not been received by the specified date, the decryption key for your computer will be destroyed. If this happens, your computer files will be forever encrypted and unavailable to you. Here is a sample of such a notice, which I found on the “bleepingcomputer.com” website:

Because the software used to encrypt your files mimics legitimate encryption that you might choose to do yourself, firewalls and antivirus software typically do not offer much protection against ransomware. Further, as security software firms have tried to come up with preventative or remedial software, the people behind ransomware have continued to modify their software to stay at least several steps ahead.

To give you a sense of what is driving the “bad guys” to pursue this line of work, I’ve seen an estimate that one of the first variants of this software, Cryptolocker, netted $325,000,000 in ransom payments during the first year it was being used. (Ransomware is used against businesses and government agencies, as well as individual computer users. Needless to say, the ransom demanded from the larger victims is considerably higher than the ransom for individual users; I remember at least one anecdote about a municipality which paid $75,000 to get the private key needed to decrypt their files.)

By now you are probably asking yourself, “If my firewall and antivirus software will not protect me from ransomware, what can I do to protect myself?” If you dig into this subject on the Internet, you will find some elaborate, technical approaches (that are beyond my level of expertise). Further, implementing some of these features may impede normal computer operations. However, there are some relatively simple things you can do to minimize your vulnerability. These include:

1. If you have not already done so, establish a “limited” or “standard” user account on your computer (in addition to the “administrative” account that you had to create to use your computer in the first place). Then, stop using your administrative account completely – other than to install, update or remove software or perform other essential administrative functions. Use your new standard account for all Web-related activity. Why? Because prior administrative approval is required to make any changes to your computer when you are operating in your standard account. This limits the ability of the bad guys to trick you into installing an “.exe” file on your computer.
2. Speaking of installing “.exe” files, all the usual warnings against “phishing”, indiscriminate Web surfing, opening email attachments and clicking on links contained
(Continued on page 11)