Ransomware is a particularly nasty form of computer virus that encrypts your data, then demands payment for the encryption key. Why is ransomware so hazardous, and how can you remove it?
Ransomware is vicious because it doesn’t just render your computer unusable. It encrypts all of your files, including those on networked computers, removable drives, and server volumes. To get the key to unlock the encryption, cyber-criminals demand that you pay.
Ransomware Affects Computers and Mobile Devices Alike
No electronic device is safe from ransomware, although different strains infect different kinds of devices. Windows and Mac computers alike can be hijacked by their own ransomware variants. Mac folks, don’t be lulled into thinking you’re not vulnerable; in fact, you might be more susceptible if you’re not taking precautions. Believe me, Macs need antivirus software just as much as Windows PCs do. I’ve been disinfecting Mac viruses for nearly 30 years, and ransomware is about as vile as they come.
Mobile devices like tablets and phones can be infected, too. Small business servers can harbor ransomware, especially if they’re not frequently updated and maintained. Ransomware slips through unsecure networks and public WiFi, infecting anything it can find. And once it’s entrenched, it can be difficult to remove.
Who Can Be Infected By Ransomware?
Ransomware can strike anyone from individuals to large corporations, hospitals, and cities. Don’t think you can’t be affected because you’re “only” a consumer, or because your small business is “too small” to be a target. These are wide-ranging cyber-attacks that will sweep up any vulnerable device in their paths.
The city of Baltimore was hit by ransomware in 2019, and ended up paying a $6 million dollar ransom. The U.K.’s National Health System (NHS) suffered a ransomware attack that caused disruptions in patient care. The attack cost almost £100m and led to the cancellation of 19,000 appointments. In Germany, a woman died due to a delay in hospital treatment, in what may be the first death directly linked to ransomware.
The FBI’s Internet Crime Complaint Center (IC3) reports that in 2019, they collected 2,047 complaints identified as ransomware with adjusted losses of over $8.9 million.
Should You Pay the Ransom?
There’s some debate among computer security experts as to whether it’s better to pay the ransom or not. Some say doing so only encourages criminal behavior. Others, especially victims faced with impossible costs in repairing and restoring data, choose to do so anyway. While the ethics of paying the ransoms are the topic of much debate, the fact remains that preventing ransomware from gaining a foothold is infinitely easier than getting rid of it once it’s there.
How To Avoid Ransomware
Reliable offline backups are your best protection against ransomware as well as many other Internet threats. By offline, I mean not physically connected to a computer or network except when it’s performing the backup. What is not connected cannot be infected, at least not easily (let’s leave the discussion of near-field communication security for another time). My backup guide for Windows and Mac users explains what you need to know about creating and maintaining backup strategies for your systems.
All of my usual security recommendations apply as well. Use a top-quality antivirus program, and keep your computer up to date. If you’re on an obsolete version of Windows or Mac, now’s the time to upgrade, because old systems can’t be adequately protected from the latest strains of ransomware. Check your default security settings, and use strong, unique passwords on every site. Secure your home and office networks. Avoid using public WiFI, or if you must use it, do so only via a virtual private network (VPN).
Here are my easy-to-understand guides to Windows, Mac, and mobile device security for home users, plus my recommendations on how to maintain strong, unique passwords.
- Tech Tips: Security Basics For Windows Users
- Tech Tips: Security Basics For Mac Users
- Tech Tips: A Home User’s Guide to Mobile Device Internet Security
- Tech Tips: How to Create Strong Passwords (2020 Edition)
For small businesses, employee education is key. You can provide email reminders, tip sheets, and training guides to teach employees how to recognize and respond to ransomware. Need help? Please contact me and I’d be glad to discuss your needs.
What to Do If Your Computer Is Infected By Ransomware
Despite all of our precautions, sometimes ransomware gains the upper hand. What should you do then? How can you restore your data and return your computer to working order?
Again, I’m praying you have a backup that wasn’t connected when the infection occurred. This is vital. If you don’t, your chances of recovering your data are not great. Still, there are resources that can help.
If you’re a consumer, the FBI has guidelines on what to do if your computer is infected with ransomware. They recommend that you contact your local FBI office or police department, or file a report with the IC3.
The FTC has a guide for small businesses on ransomware prevention and response. They also recommend that you contact your local FBI office for assistance if your business is impacted by ransomware.
Do you have questions about ransomware? Feel free to ask in the comments, and sign up for Tech Tips by email for weekly computer news and advice for Windows, Mac, and mobile users. You can also follow Tech Tips on Facebook.
(This article was originally published in March 2016 and has been updated with new information.)