In the early days of computer security, viruses were largely destructive while often relaying self-aggrandising messages about their authors, or straight up offensive statements about precisely how stuffed your system now was, thanks to corruption of storage media, system BIOSes or other critical computer components. They were the brainchild of often bored and seriously immature minds that found thrills in trying to get away with destructive behaviour. It’s been a long time since viruses and malware were simply interested in destruction, however.
Indeed, a lot of malware really doesn’t want to call attention to itself at all, whether it’s sitting silently on a compromised system slurping up personal information and passwords at will for financial gain, or turning your computer into part of a larger network of “zombie” machines for attacks on other systems. The whole idea of that strain of malware is that you’re not meant to know that it’s there. This doesn’t mean that it’s beneficial or you shouldn’t want to know that it’s present, just that its developers design it to stay hidden.
In recent years, though, we’ve seen the re-emergence of malware that actively wants you to know that it is present. Unlike classical viruses that splashed up a DOS screen of flashing text to let you know it was time to buy a new computer, newer malware acts as ransomware, encrypting your computer’s precious storage and offering to provide a decryption key for a set sum, quite often given in the cryptocurrency bitcoin.
Modern ransomware attacks are gaining in sophistication, using a variety of exploits to worm their way into systems, and then trying to propagate to newer internet-connected PCs as well. Even as new ransomware strains are detected and blocked, they’re iterated upon with a variety of new exploits, meaning it’s a perpetual game of cat and mouse to keep them under control.
How bad is the rise of ransomware? One security vendor, Symantec, reports that it’s blocked some 319,000 attempted ransomware infections in the first half of 2017, compared to 470,000 for the entire calendar year of 2016. Bear in mind that this is just one security vendor’s reporting, so the total numbers of attacks are likely to be significantly higher.
One interesting statistic to come out of Symantec’s research is the amount typically asked for by ransomware authors, which has now stabilised around $US500. That suggests that the ransomware authors have worked out a sum they feel is worth their time but isn’t so high that people simply won’t pay. Which, and I must stress this, you shouldn’t be doing in any way, shape or form anyway. By definition, you’re dealing with criminal types who cannot be trusted. Once they’ve got your money and your system compromised, you have no guarantee of getting a proper decryption code, and you’re essentially bolstering their illicit criminal model.
So what’s your best course of defence against ransomware? It’s critical to keep your computers (no matter the make, model or operating environment) up to date, because most ransomware will probe using multiple known exploits based on the idea that many systems aren’t upgraded to cover those exact same security holes. Equally, keeping antivirus/antimalware security software up to date is vital, because while it can’t cover every problem, it can solve for many, as well as making you aware when there is or may be a problem with your computer.
While those are must-do steps, for ransomware particularly there’s a simpler step that you should be engaging in anyway, and that’s backing up your own data to an external source, whether that’s cloud backup or more localised backup to an external drive or writeable media source of some type. That’s because if the worst does happen and your system gets locked down by ransomware, and you have a backup of your own documents, photos and other files, you can easily give the whole issue the flick by resetting your entire system, and restoring your files from backup. Yes, it’s a pain, and you’ll have to reinstall the operating system and software applications, but that’s something (especially with online delivery of software) that’s just a matter of time to cover off on. Your own files are the irreplaceable part of the equation, and a backup removes them from being at threat. Just remember to back up regularly, because that way you can recover your recently created content, where an older backup may miss important files or modifications.