You’ve just wrapped up that novel you’ve been slaving at for years; finished the make-or-break confidential report for your boss; perfected the spreadsheet containing all your client’s accounts. Most of your work was done in Microsoft Word docs and Excel, and is stored locally on your computer. After completing all of this work you’re patting yourself on the back and sitting back for some well-deserved R&R. But you messed up. Mistake number one — you do this before sending the documents over to your publisher/boss/client/etc. Mistake number two — you haven’t backed anything up. Next time you sit down at your computer, something’s wrong. Your heart slows as you see your vital files encrypted into gibberish and a message telling you to pay up if you want to get a decryption code. You’re a victim of a ransomware attack and in big trouble!
Why Do You Need Ransomware Protection?
The above are examples of the mayhem a ransomware attack can cause to you personally. Imagine the effect on a multibillion-dollar business when every hour of lost productivity costs thousands to millions of dollars. While some attacks are motivated by financial gain, others maliciously target governments and business networks just to wreak havoc. This is why you need ransomware protection.
What is Ransomware? Are you a Potential Victim?
The principle of ransomware is simple — an attacker finds a way to take something that’s yours and demands payment for its return. The most common type is encrypting ransomware, which bars your access to your important documents by replacing them with encrypted copies. To get the decryption key you need to pay a ransom. These attacks work in the background, so you won’t be aware of them until you receive nasty instructions on how to pay the ransom in untraceable payments. Another type, screen locker ransomware, denies you all usage of your mobile device or computer. However, this variant is easier to defeat and poses less of a threat.
You’re a likely victim if you’ve received a legit-looking email containing an infected PDF or Office doc. If you have any doubt about an email, don’t open the link. Ransomware is basically another type of malware, so it may also knock at the door via ads leading to fraudulent websites, and there are ways to detect these. If you’re lucky, your antivirus will catch it immediately. If not, you could be in deep water. Remember that even if you always make sure your password is secure and strong, it doesn’t take cybercriminals long to crack your password.
Ransomware Detection & Removal
If ransomware slips past your anti-virus, there is a good chance an anti-virus update will quickly wipe it from your system — but that won’t retrieve your files. Also, ransomware designers work hard to get around old-school signature-based malware detection. There is, however, a small chance of recovery depending on which strain of ransomware encrypted your files. If your antivirus gives you a name, that’s helpful, as many antivirus suppliers (Avast, Trend Micro, Kaspersky, etc.) keep a collection of one-off decryption utilities. Some of these need the unencrypted original of just one encrypted file to put things right; others have a master decryption key. Although there are ways to get around ransomware, prevention is less painstaking.
Anti-Virus Ransomware Detection & Unauthorized Access Prevention
Modern antivirus utilities are not just designed to look for known threats; they supplement signature-based detection with behavior-based detection, i.e. they watch out for malicious behavior (e.g. Cybereason’s free RansomFree utility; Malwarebytes Anti-Ransomware Beta; Webroot SecureAnywhere AntiVirus; Trend Micro Antivirus+ Security; Acronis Active Protection module; the Data Hijacking Protection feature in Qihoo 360 Total Security).
Since ransomware typically targets files stored in common locations like your Docs or Desktop, some antivirus security suites and tools (e.g. Bitdefender; Avast; Trend Micro’s Folder Shield; Panda Internet Security’s Data Shield; IObit Malware Fighter 5 Pro) thwart attacks by denying unauthorized access to these locations, asking the user first whether to allow access or not. If you did not initiate the action, your antivirus will block it.
The best ransomware defense is to keep a current backup of your crucial files with an online backup utility. If your device is attacked, you’ve lost nothing and can simply restore your backed-up files.
File Recovery
Beyond just backing up your files, anti-ransomware utility Acronis True Image actually detects and prevents ransomware attacks, and this feature will most likely soon appear in other backup tools.
When Trend Micro, for example, detects a suspicious process encrypting a file, it backs up the file. If it sees a flurry of dubious encryption activity, it quarantines the process and restores the backed-up files.
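The back-up, quarantine and restore behavior described above, and the behavior-based detection mentioned earlier, can be sketched as a small simulation. This is an added example, not code from Trend Micro or any other vendor named here; the entropy thresholds, the burst window, and the names `Monitor`, `on_write` and `random_looking` are assumptions made for illustration, and the "encrypted" data is constructed from hash output.

```python
import hashlib
import math
from collections import Counter, defaultdict, deque

# Assumed thresholds for this sketch; real products tune their own.
HIGH_ENTROPY, ENTROPY_JUMP = 7.0, 2.0   # bits/byte: near-random, and rise over old content
BURST_COUNT, BURST_WINDOW = 3, 10.0     # suspicious writes per process within N seconds

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def random_looking(seed: int, blocks: int = 256) -> bytes:
    """Constructed stand-in for encrypted output: hash blocks, no real encryption."""
    return b"".join(hashlib.sha256(bytes([seed, i % 256])).digest() for i in range(blocks))

class Monitor:
    def __init__(self, files):
        self.files = dict(files)           # path -> content (simulated disk)
        self.backups = defaultdict(dict)   # pid -> {path: content before first suspicious write}
        self.recent = defaultdict(deque)   # pid -> timestamps of suspicious writes
        self.quarantined = set()

    def on_write(self, ts, pid, path, new):
        """Return 'allowed', 'suspicious', 'quarantined' or 'blocked' for one write event."""
        if pid in self.quarantined:
            return "blocked"
        old = self.files.get(path, b"")
        e_new = entropy(new)
        suspicious = e_new >= HIGH_ENTROPY and e_new - entropy(old) >= ENTROPY_JUMP
        if suspicious:
            self.backups[pid].setdefault(path, old)   # back up before the write lands
        self.files[path] = new
        if not suspicious:
            return "allowed"
        q = self.recent[pid]
        q.append(ts)
        while ts - q[0] > BURST_WINDOW:               # drop events outside the window
            q.popleft()
        if len(q) < BURST_COUNT:
            return "suspicious"
        self.quarantined.add(pid)
        self.files.update(self.backups.pop(pid))      # restore this process's victims
        return "quarantined"

if __name__ == "__main__":
    m = Monitor({f"doc{i}.docx": b"Quarterly report draft. " * 40 for i in range(3)})
    print([m.on_write(t, 66, f"doc{t}.docx", random_looking(t)) for t in range(3)])
```

A single high-entropy write, such as saving a compressed archive, is only marked suspicious; it takes a burst from one process inside the window to trigger quarantine and rollback.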
An unusual product, The Kure, restores your PC to a clean, malware-free state every time you reboot, getting rid of active ransomware. However, you don’t want to lose your documents and other personal files when this occurs, so The Kure exempts areas like the Docs folder, and maintains a hidden, encrypted copy of files in the exempted folders.
Whether it’s tedious or not, the surest way to endure a ransomware attack is to keep backing up your important files and making sure you have the latest and greatest anti-virus protection that’s ready for any form of malware that comes knocking at your door — one that ensures you have no excuse for missing a deadline!