There's been an major increase in Ransomware attacks - these are where files on your computer (or even your entire business IT system) are rendered inaccessible unless you pay a ransom. These kind of attacks are not new - they've been around since the early 1990s, but they are becoming more prevalent and the criminals are getting smarter at targeting particular individuals or companies and making their emails look genuine.
One way they target people is by putting a link in an email that sends you to a website that can exploit a vulnerability in software that you haven't recently updated. It looks like nothing has happened, but you could get a screen that threatens to delete all your files if you don't pay a ransom - normally using Bitcoin. In some cases, especially targeted attacks, the virus can spread across a network. Criminals are also using file attachments although people are getting better at spotting these. As well as ransomware attacks, your computer could be infected by Malware such as programs that deliver unwanted adverts or you could be subject to a phishing attack where criminals try to get you to enter password or credit card details.
You may think that you are unlikely to be targeted, but if a criminal gets even a few pounds for each attack, it soon adds up. There are even reports of demands that allow you to recover your files if you send the virus on to infect two other people.
Apart from not not opening attachments and not clicking on links there are ways that you can protect yourself against ransomwear attacks:
- Check who the email is from - Criminals can spoof email addresses so as well as looking at the senders name and email address, consider the wording and style of the email. Simple examples are using slightly different email addresses - for example we got an email purporting to be from Amazon but the email address was email@example.com. Apart from that the email looked genuine.
- Backups - Note that this is plural. In order to be secure, you should back up your files regularly with both point in time backups as well as incremental backups. You should test that you can restore from these backups and you should have more than one. The point in time backups allow you to recover from an attack that could have been planted earlier but not triggered. Incremental backups means that all your files should be protected. Don't forget to consider the security of your backup solution and also its physical location due to data protection laws.
- Keep software and firmware up to date - You've probably noticed that software sometimes asks you if you want to update it. This can often be to fix security exploits so you should ensure that automatic updates are enabled or you don't just ignore the request.
- Carry out regular scans - Ensure your anti virus software is up to date and scan your computer to ensure you don't have any Malware.
I you know what to look for, it's not always doom and gloom. If you are sure about the sender, you will be able to see if you hover over the link the actual url that you will be taken to. If you are happy with that, then it's fine to click.
If the worst does happen, it's a moral question for you about whether to pay the ransom. In any situation like this, official advice always has to be don't pay. However in a practical world, the cost of paying may be better than losing your files.