You’ve heard of hardware and software. You might have also heard the term malware, used to describe software with bad or criminal intentions. If you haven’t heard about ransomware, please continue reading. And if you have, there’s a new and scary twist.
Ransomware encrypts your files and demands a payment to decrypt (or restore) them. For most business users, and many savvy home users, there’s no need to pay the ransom and reward the criminals. Once the malware (infection) is removed from your computer, you can restore your files from backups.
IDG News Service (http://www.idgnews.net/) reports that the criminals have a new tactic … they threaten to publish your files on the internet unless the ransom is paid. So even if you have good backups, you might want to pay to prevent your files from being published. This puts you in a very bad position – forcing you to deal with criminals, and even if you pay the ransom, there’s no guarantee that your files won’t end up being made public.
So far, there’s no evidence that any files have been published as a result of this. It is also not clear that the criminals actually have the capability to do this – it would require a large amount of data storage to keep copies of all the files. But it’s a scary concept for anyone with sensitive data.
This malware works by entering your computer in the usual ways, often by email. Since many email filters block bad attachments, the emails contain a link to a malicious or hacked website, or a file sharing service, that contains the actual malware. For example, an unsolicited email claiming to be a resume from someone you’ve never heard of is probably malware.
What to do? Make sure you have a good anti-virus (or anti-malware) program and make sure it is updating itself. Remember that none of the anti-virus products are 100% effective. Be suspicious of unsolicited emails. Be extremely cautious of embedded attachments and links. Remember, you’re not being paranoid if they really are out to get you. And they are out to get you!
Are your computers protected? Do your users understand the risks? How can we help?