How to protect yourself from ransomware
February 23, 2016
There’s no shortage of hackers on the Internet, and everyone is vulnerable. Recently, a Los Angeles hospital found this out the hard way.
Hollywood Presbyterian Medical Center realized something was wrong when employees couldn’t access its computer system on February 5. The system had fallen victim to ransomware. According to TechInsider, ransomware is a form of malware that “works by either holding your entire computer hostage or by blocking access to all of your files by encrypting them.” Once infected, the victim must pay the hackers for the decryption key in order to get the files back. The CEO of the hospital said, “The quickest and most efficient way to restore our systems and administrative functions was to pay the ransom and obtain the decryption key. In the best interest of restoring normal operations, we did this.” Ten days and 40 bitcoins (roughly $17,000) later, the hospital got its computer system back.
How ransomware works
Hackers send out emails that attempt to trick individuals into downloading something. Usually this is a bill or invoice that comes in the form of a Word document. Ryan Kalembar, the senior vice president of cybersecurity strategy at Proofpoint, a data security company, explains the rest, “People click on that. They always click on it. And by clicking on that Word document, it pops up an ‘enable content’ yellow bar. And if you click on that, that is the final click and it is over. It begins to lock your files with a key that only the attackers and cyber criminals have.”
Once your computer system is infected, you’ll receive a demand for ransom if you want to get your files back. It’s usually $500 or more for the decryption key, and you won’t be able to access your data without this key. According to CBS, ransomware attacks have been on the rise. A 2014 report from the antivirus software maker Symantec reported that ransomware attacks increased from 100,000 in January 2013 to about 600,000 at the end of 2013.
And just this month, a new strain of ransomware has emerged. Known at Locky, the first attack was sent to nearly half a million victims on February 16. Since then, it’s being estimated that anywhere from one to five computers are infected each second.
Should you pay?
If you’re faced with this situation, should you pay the ransom? There isn’t a right or wrong answer, and it depends on the situation. In the case of hospitals where lives and personal information may be at risk, sometimes paying the ransom is the only option.
But, giving money to the hackers fuels the cycle. CBS reported that when Hollywood Presbyterian Medical Center paid the ransom, “It marked a dangerous escalation in the high stakes surrounding ransomware.” It also made the hospital vulnerable to future attacks. If individuals pay the ransom once, cyber criminals are aware that these people are willing to pay, and they may be targeted again because of this.
Ways to prevent becoming a victim
- The best way to prevent a ransomware attack or any virus is to avoid clicking any links or opening any attachments from people you don’t know.
- Keep the software on all your devices up to date. This ensures any vulnerabilities are patched.
- Limit the amount of time spent logged in as an admin. When you are logged in as an admin, avoid any online browsing or opening documents.
- Install Microsoft Office viewers. This lets you see and inspect a document without actually opening it.
Besides these important steps, you should always back up files on an external hard drive. That way if something does happen to your files or you’re a victim of ransomware, you will have copies of any important documents or data.