The use of ransomware, a malware that gets into a device (computer, smartphone, tablet, etc.) and encrypts data locking the user out until they pay a ransom, is on the rise.
According to a February article at Forbes.com, a report by SonicWall, a cyber security firm, estimates attacks in 2016 at 638 million–more than 167 times the number in 2015. Last fall, the FBI urged victims to report the incidents citing new variants emerging regularly.
“In addition to holding data hostage, it can lead to possible identity theft,” says EJ Liggieri wth Quarterdeck Technologies, a St. Pete Beach-based IT and telecom consulting firm. He also says the statistics are woefully underestimated because people are hesitant to report it.
“So you don’t know how bad the damage really is,” says Liggieri, “it’s definitely a lot of money.” Like $1 billion in 2016 as estimated by ZDNet.com, a 24/7 technology news site.
As with any hostage situation, a key question is do you pay? ”But what happens if it’s your kids’ pictures since they were three? How devastating would you be if you had ripped up all the old ones and just had them digitally? You might pay it,” he adds. Payments are demanded via anonymous currency accounts like bitcoin, and paying the ransom is no guarantee the data will be restored.
Ransomware and other malware is spread via phishing attacks, browsing the Internet and installing unsafe applications. Liggieri says, “90 percent of computer problems are caused by clicking on links in email.” It starts when someone receives an email with a request to click on a link to get something: a file, photos, a special deal. It can be from someone you know which might not make you suspicious, but they could have been hacked. He suggests running the mouse over the link which pulls up the address so you can see where they are trying to get you to go. If you don’t recognize it, don’t go there.
Senders should also put specifics in the subject line or in the email so the recipient has a level of confidence that it is safe. “Click here to download the photos,” is very general and should trigger a flag. “Click here to download the photos from the chamber event on Tuesday,” should give the recipient more confidence that it is a valid email.
For periodic newsletters, be suspicious if they came out on a different day than normal or the formatting looks different.
“If you are on a network that’s public, like a guest Wi-Fi where you don’t have to login, it’s wide open so anybody can go on and tap into your device and see if you’ve got antivirus, anti- malware and firewall protection. If you don’t, there are a lot of tools out there that can be used to break into devices,” says Liggieri.
“Make sure you have firewall, antivirus and anti- malware software installed,”he adds. A suite with all three should be adequate for most people. Also, make sure to check for and download updates to the operating system and other programs. Also, make sure to check for and download updates to the operating system and other programs. Those updates have patches created specifically to counter the most recent cyber threats. Those updates have patches created specifically to counter the most recent cyber threats.
Users also should back up their data to mobile or removable media. When a system is hacked, it will infiltrate anything that is attached to it. And don’t look to the cloud for help. Data stored on remote servers accessed from the internet are designed to replicate files each time the data changes. When data is hacked, it changes and it will be replicated in the cloud storage. Also keep in mind data can be lost during floods, hurricanes and other natural disasters too.
If you are hacked Liggieri suggests doing the following:
And report the crime to the Internet Crime Complaint Center, at www.IC3.gov.