Ransomware attacks increased by 485% from 2019 to 2020, with nearly two-thirds of 2020 attacks occurring in the first half of the year. As with other malware, ransomware has become more sophisticated over time, and is now better able to do its damage.
Even though individuals may be hit with ransomware attacks, they are small potatoes to the cybercrooks running these scams. Most are directed at large corporate and governmental organizations and more employees working from home gives the bad guys more ways to access the networks of large organizations. According to TrendMicro, “One compromised home worker can be used as a launching point into an enterprise network.” They suggest following these security protocols to protect your employer’s data as well as your own:
- Avoid giving out personal information that can be used to gain access to more valuable information.
- Use best practices for passwords: Make them long, strong, and hard to guess. And, do not reuse passwords. Use multi-factor authentication and employ a password manager so that you are not overwhelmed trying to remember all of the different passwords you will be creating.
- Windows users should activate Show File Extensions to see what files you are opening which will allow you to avoid suspicious files.
- Only open trusted email attachments.
- Disable your internet connection if the computer exhibits suspicious behavior. It may be a sign that the bad guys are running an encryption routine on your device. Closing the connection could halt the encryption before it finishes.
- Take advantage of all the tools and security features at your disposal. Install and update all security features.
An attack against an individual computer will probably announce itself with a popup saying that your files have all been encrypted and the only way to gain access is to pay some amount of money (usually in Bitcoin or other cryptocurrency). The bad news is that even if you pay you may not get your data back.
The “good” news is that some ransomware notifications are fake and can be ignored—but how can you tell which are fake and which are real? CSO Online suggests several ways to tell if that scary warning that popped up is fake, including using Alt-F4 on Windows and Command-W on a Mac to try to close the window. If it works, the attack is fake.
Having backups of your data will not protect you from a ransomware attack, but it can help you recover. However, if your backups are attached to the infected system, they will likely be useless. If you are backing up to a portable hard drive, only connect it when you are running a backup.
