Thanks to a new world order that was ushered in by the pandemic, a lot of people are working from their homes instead of the office. Computers and Wi-Fi networks are doing double (or triple) duty, being shared by people trying to do business as well as family members using the same network (or even the same devices) for classes and homework, web browsing and game-playing, banking and finance, and more.
Most of these activities generate data, which is stored on the computer. Automatic, scheduled backups – something many people working in offices on dedicated networks take for granted – may not happen while the device is being used by someone else or might wait until someone remembers to manually perform them. Or they might not happen at all. This creates a perfect environment for cyber-attacks, including ransomware attacks.
If you have all your latest data backed up in the cloud (or on a separate hard drive), you can still access it. If it is not backed up, you might be willing to pay to get it back. Enter the ransomware demand.
What is ransomware?
Ransomware is a type of malware (malevolent programming), usually initiated via a phishing message. If you find the phishing message enticing enough (you’ve won the lottery) or scary enough (your grandson is being detained at the border) to click on, the process of infecting your computer (or tablet or phone) begins. That simple click initiates a connection back to the attacker, giving them the information needed to encrypt your device (think of encryption as a master password that only the hacker has). Once this happens, you’re locked out of your data, and possibly your device as well.
Once your irreplaceable data is locked up, it’s time for the ransom note. Typically, the attacker demands a sum to be paid in cryptocurrency such as Bitcoin (which is instantaneous and untraceable) in order to release your computer and files.
What to do if your device gets infected with ransomware
You should not respond to a ransom note on the screen. Paying the attacker is unlikely to get your device or your data back. Once they have the money, all that there is to motivate a cyberthief is their sense of honor, which is probably non-existent.
- If you work at home for an employer, contact their IT security department to allow them to trace the source of the infection. If you don’t have access to that sort of resource, call the police.
- Use a separate, uninfected device (one that wasn’t on your network at the time of the attack), to immediately change the passwords on every account that might have been compromised.
- If your attacker may have acquired personal and/or credit card information, put a fraud alert on your account at the three major credit reporting bureaus (Experian, TransUnion, and Equifax) and contact your credit card company, which will issue you a new credit card number and shut down the old account.
- Let your bank and other financial institutions know that your information might have been breached.
- Consider hiring a professional technician to clean up your computer drive and remove any malware, then set up a regular backup routine.
- In the future, make sure all your data is backed up to at least one, and preferably two, different places (a dedicated hard drive and/or a cloud account). Set up your devices so that these backups are done automatically and frequently.
Best practices for protecting yourself, your family, data, and devices
We all make mistakes. Learn from it and practice good computer hygiene in the future.
- Do not open emails from anyone you don’t know, or that you aren’t expecting to receive.
- Don’t click on links in messages.
- Avoid opening attachments in messages.
- Remember: if it sounds too good to be true, it probably is.
- Don’t provide personal information to anyone you don’t know to be legitimate.
- Install anti-virus/anti-malware software on your device and keep it up to date.
- Apply updates and patches to all your apps and your operating system, as they become available.
- Don’t browse suspicious sites, which may be made to look like a legitimate one.
- Never respond to pop-up windows instructing you to call a number for support. Once you allow the attacker to remotely access your device, they will install additional malware on your device instead of removing it – and the whole process can start over.
This article is designed to provide informative material and is distributed with the understanding that it does not constitute legal or other professional advice. Opinions expressed herein are subject to change without notice. Information has been obtained from sources believed to be reliable, but its accuracy and interpretation are not guaranteed.