From the Cyber Security Expert: Ransomware, What You Need to Know
From the Cyber Security Expert: Ransomware, What You Need to Know
Over the past couple of years, it’s been almost impossible to avoid hearing someone talking about ransomware. From government agencies to random individuals, ransomware has continued to have a major impact on society as a whole. So of course, this means that people have questions. One of the most common questions I am asked is: what can I do to avoid falling victim to ransomware? It seems like a pretty simple question, but the answer is much more difficult. This is because there are so many ways in which criminals can target their victims. More importantly, these types of attacks continue to change at almost an hourly pace. In addition, the actual concept of ransomware as a whole has changed.
The Evolution of Ransomware
So, what is ransomware? Well, it used to be pretty straight forward. Malware would somehow get on your computer. From there it would lock you out of any files that might be of value. For example, all word documents, images, excel spreadsheets, etc. Then you would be prompted with a message telling you that you had to pay a fee. If you paid the fee, the files were unlocked and you continue on as though nothing had happened. If you didn’t pay the fee, your files were gone forever.
Now, you may have noticed that I started that last paragraph by saying the ransomware *used to be* pretty straight forward. The reason I put it that way is that ransomware is rapidly changing. You see, potential victims of this started getting proactive and performing backups of anything important.
Businesses backup their critical customer records and other important files. Home users backup their pictures, documents and files that are important to them. Then if malware got onto their computers and locked them out of their files, it was not a big deal. Just remove the malware or re‐load the operating system, restore the backed‐up files and it was as though nothing happened. Problem solved.
Of course, cybercriminals rarely just give up and walk away. With ransomware being a multi‐billion dollar industry, the idea that a simple backup could render it useless caused cybercriminals to adapt. If corporations and individuals were not going to pay to get their files back, maybe they would pay to keep their files and other information from being made public.
So, the malware that supports ransomware began to change. Instead of simply locking files and posting a message about paying a fee, criminals began downloading anything that could be of value.
Documents, databases, images—anything that could be considered private or confidential—has now become part of the ransomware process. Of course, the files would also still be locked and a fee would still be required, but now criminals will also outline everything they have stolen and threaten to release that information to the Dark Web, competitors or even your friends and family. Basically, ransomware has morphed into high stakes extortion and the ransomware business has never been better.
How to Avoid Becoming a Victim
So back to the initial question: what can I do to avoid falling victim to ransomware? Unfortunately, there is no silver bullet. As I said at the beginning, there are so many ways for a cybercriminal to target you, it would be simply impossible to say if you just do this, you won’t ever have to worry. It’s just not that simple. Now that said, this doesn’t mean that you should just give up. While it’s simply not possible to guarantee you won’t fall victim to an attack, there are absolutely things you can do to greatly reduce your risk.
First and foremost, understand that email is your biggest risk. The vast majority of ransomware that ends up on peoples’ computers starts with an email. Now just to clarify that statement, if you are in the corporate environment, malware could spread through every computer on a network very quickly through vulnerabilities in operating systems that have nothing to do with email. BUT, in most cases, the spread will start from the very first victim who initially received the malware on their computer. And it is from a simple email.
Now, detecting and not falling victim to malware received via email is easier said than done. Everyone will tell you that to avoid this, you need to avoid clicking on malicious links and opening malicious attachments that are received in emails. Sounds simple, but what does that mean?
If a co‐worker sends you an email saying they need you to check out a word document they have attached, do you open it? Well, if you do, you might be installing malware. On the other hand, if you don’t, you might not be doing your job. Same thing can happen with a link sent in an email from a loved one or a picture sent in an email from your friend. Remember, just because it says the sender is a person you know, it doesn’t really mean that it was sent from that person. A cybercriminal can make an email appear to be sent from anyone and in most cases that is what they will try to do.
So, you just received an unsolicited email, it looks like it came from a friend and it contains a link or attachment. What do you do? While it sounds annoying, the best advice I can give is to pick up your phone and call or text the sender and ask them if they really sent it. I know, what a pain in the neck. But this is why cybercriminals are having so much success. Because the odds of you picking up the phone to confirm the legitimacy of the email before clicking on that link or opening that attachment are very low. Unfortunately, that is one of only options available when trying to avoid malware spreading through email.
Now, let’s assume that you just chuckled to yourself and said “yeah, good luck. There is no way I am going to do that,” I promise you, you are not alone. I have not always practiced what I preach either. I do have another option for you. This also goes for employees who are in jobs where they are required to receive unsolicited emails from customers or potential new sales. In many of those cases, they may have no choice but to click on links or open attachments and in these situations, you should probably consider changing the equipment used to access these emails.
Ransomware and all its many iterations of malware are not going away any time soon. Criminals are going to continue to adapt and every person on the planet with an Internet connection is going to continue to be at risk. To reduce your risk of falling victim, keep your devices backed up, limit the amount of confidential data you have on your computer, avoid clicking on links and opening attachments and when possible, use more secure devices like a tablet. There may come a time when you can simply install a form of anti‐virus and suddenly all your risks are gone. Unfortunately as of today, it’s not quite that simple.
Jim Stickley CEO
Stickley on Security
Jim Stickley has stolen credit cards, hacked Social Security numbers, robbed banks, created fake ATMs, broken into armed government facilities and stolen from teenagers. Fortunately for all victims involved, Jim is a cybersecurity expert with over 20 years in the industry who was hired to perform these attacks by corporations testing their security, and news agencies interested in knowing just how easy it is to commit identity theft. His job is to find security flaws before the real criminals find them and educate people and organizations about what they can do to protect themselves.
Today, Stickley is the CEO of Stickley on Security and can be seen throughout the United States speaking on topics that range from basic identity theft to national cyber terrorism. In addition, Stickley can be seen on numerous TV news programs, is a frequent guest on NBC’s Today Show, and is the security expert featured in LifeLock® infomercials.