Q: I have two friends who were recently hit with “ransomware.” What are their options?
Ransomware is one of the fastest growing cyber-crimes because it’s working so well for organized crime rings around the world. Victims of ransomware are essentially locked out of their private files unless they are willing to pay a ransom to get the key that will unlock them.
Alarming ransomware statistics
According to one estimate, $209 million was paid in ransomware attacks in the first quarter of 2016 alone. Another survey found that nearly 50 percent of professional organizations were victims of a ransomware attack in the past 12 months.
The average ransom demanded is just under $700, but as more businesses are being targeted, the ransom amounts are increasing. To provide some perspective, the average ransom demand in 2015 was around $294.
Fifty-nine percent of infections come via email as either a malicious link or an infected email attachment.
Malicious social media links don’t account for a large percentage of the current attacks, but cyber security experts expect this approach to grow.
Protecting yourself from ransomware
Since this form of attack largely relies on tricking a human into clicking on a link or opening a malicious attachment, educating everyone in your household or business on ways to spot questionable email messages is a good start.
Since cyber-criminals have the ability to use internet searches and social media to figure out who’s who in just about any business, it allows them to create very clever spear-phishing email messages that can fool employees that aren’t paying attention.
Bad grammar, missing punctuation and strange salutations are just a few of the things that everyone needs to be looking for in just about any message that prompts you to click on a link or open an attachment.
There is a free phishing security test businesses can use to test and educate their employees from a company called KnowBe4.
Parents need to understand that cyber-criminals set their traps where they know teenagers go to download free music, games, movies and programs that usually cost hundreds of dollars.
Make sure you have all your security updates installed and have a good off-site backup like Carbonite (Read: “Are online backup services safe?“) so you don’t ever have to pay the ransom to get your files back.
Options for victims
If you become a victim of a ransomware attack, your options depend on what type of backup you employ. Traditional backup devices that are attached to your computer when you’re attacked are also attacked, so unless you have a disconnected or off-site backup, you’ll either have to pay the ransom or lose everything and start over.
Fortunately, getting rid of the infection that allowed your files to be held hostage is pretty straight forward, but decrypting your compromised files is nearly impossible for most of today’s attacks.
If you do have a clean backup, you can either disinfect the system by booting to an uninfected device, like a flash drive or CD/DVD to run a scan with anti-virus/security programs or wipe the drive completely and reload everything from scratch.
Ken Colburn is founder and CEO of Data Doctors Computer Services. Ask any tech question on Facebook or Twitter.