The internet and connected devices are a gold mine for those wishing to take your money illegally.
People share all kinds of goodies and information that make it so easy that the reward for most internet pirates is worth the risk.
In the most recent ransomware attacks some 200,000 computers and 150 countries, including China, Japan, South Korea, Germany and Britain were victims.
While large companies, hospitals and government agencies are having to pay thousands of dollars to unlock their data. Like the Hollywood Presbyterian Medical Center in Los Angeles had to pay a ransom of $17,000 to unlock their data after a week of trying to break the encryption.
Volume is much better.
Small business and individuals are a much more lucrative endeavor. Think about companies, governments and hospitals have an entire team of IT people on staff and still get hacked.
The payoff is huge, the FBI estimated back in 2014 extortionists (pirates) swindled 27 million dollars in just 6 months from people.
Vault 7 the documents leaked by WikiLeaks of the CIA documents was a treasure trove for those wanting to create havoc and get rich in the process. Information stored digitally is common for most folks.
The magic key to all this! Encryption! Encryption was designed with good intentions. Protect the data you and companies store so that if it was stolen could not be accessed. Pirates now use this tool to not only encrypt your data and but also charge you to unencrypt it. They don’t even have to take possession of anything. All they have to do is keep you from accessing it and depending on how valuable it is. Get you to pay them to give you the key.
In most cases the amounts are small for personal computers, maybe even as low as $100. But if they can attack a large population it can mean millions in one day.
You may be asking how they get paid? Isn’t there a way to track the money. We see it in movies all the time. The computer nerd at the FBI office tracks down payments to the bank of the so called perpetrator in just a few minutes and they are apprehended and the money is returned.
Technology has solved this most inconvenient ability of law enforcement.
Bitcoin is a way to transfer funds electronically without any trace as to who is receiving the payment. No banks, no regulations, no ownership.
The magic bullet to stopping this nonsense from ever happening to you?
Simple but not often done by most. Here is a list of 10 things you can do today to avoid such inconveniences.
1. Backup – If you don’t back up your stuff you risk everything. Backup both onsite and if possible in the cloud. The option is available for most backup software. Also if you backup to a USB attached device to your computer after the backup unplug the thing from your computer. Most ransomware looks for attached storage devices and encrypt the data there too.
2. Patch – This is a term most IT folks use to mean update your software on your computer. Whether it’s your operating system (Windows, Mac etc.) or the software that runs on your computer. Even the ones that update often like Java for example.
3. Protection – Use software detection and removal software like anti-virus and antimalware on all of your devices if possible and make sure you allow updates to this software. I have seen people run antivirus and not allow for updates. Crazy stuff..
4. Unsolicited email links – Never ever click on a link from a sender you have not requested information from. Even if it is from your bank, school or friend. Most ransomware attacks are done this way. If you are told your password has expired or your online mailbox is full and you need to log in using a link to fix that could mean you are a target of such an attack. If it’s your bank for example go directly to their site and change your password there. Don’t just click a link.
5. Periodic Scans – Most antivirus software run scans either automatically or you have to manually start the scan. These scans are helpful and can alert you of a potential issue. Schedule the scans at times you are not using the computer they often slow down your computer and can be real irritating for most people trying to work.
6. Passwords – Passwords are the keys to the kingdom. Treat them as such. You wouldn’t give someone you don’t know the keys to your house would you? Don’t share them write them down and have it out in the open like under your keyboard or taped to your monitor. You may laugh but I have seen it many times. Make sure your passwords complex by adding special characters and symbols.
7. Careful what you share – Providing names to your mother’s maiden name and your first pet on social media can mean disaster especially if that’s what you put as your security question for a website you log in to.
8. Unsolicited calls – I get these calls all the time. This is such and such from Dell for example. There is an issue with your computer. We need to log in to your computer to fix it. Here is the website you go to and put in this code. Unless you have some specific contract with Dell support and are paying them to monitor your computer the likely hood of that happening is zero. Companies like Dell don’t provide IT support for free.
9. Remove software – If you have software on your computer that you haven’t used in a year for example remove it from your computer. Chances are it probably hasn’t been updated and can sometimes have flaws that are discovered after that a hacker can use to access your computer. Outdated software usually have exploits that are common knowledge to hackers.
10. Don’t Share- If you download some cute cat pictures on line from someone you don’t know with a meme don’t share. Pictures can be embedded with malicious code that tracks your computer and can sometimes help download a virus to your computer. Pictures from friends and family are great but unsolicited can open up a can of worms that you are not expecting