Ransomware and Backups

One form of malicious software (malware) is ransomware, which renders your computer unusable and demands that you send money to the hackers in order to unlock it. In one form, it claims that the FBI (or some other authority) has discovered your illegal activity (looking at X-rated photos, downloading copyrighted materials, etc.) and demands payment of a “fine.” In another form, it admits to being malware and offers you the chance to “clean” your computer for a fee.

Particularly nasty ransomware titles include WannaCry and Cryptolocker (or Cryptlocker). These encrypt your important data files and demand that you buy a password within a short time to unlock them before they delete them forever. (See references linked below.)

I recommend that you never send money to hackers (they are evil; you don't want to support them), so your best defense is to keep good data backups and to avoid getting infected in the first place.

I can't tell you how many times I have had this conversation with a client:

Rich: I'm sorry to report that your system is corrupted beyond repair. I recommend that we re-format your hard disk, re-install your operating system, and restore your data files from backups.
Client: What backups?
Rich: You know, the ones you ran yesterday, before your system went down.
Rich: Or, the ones you ran last week.
Client: Last week?
Rich: Or the ones you ran last month.
Client: Last month? I don't have any backups. Is it too late now?
Rich: Yes, it's too late now. I am so sorry.

My number one rule is, “Never live with just one copy of important data.” With external hard disks under $100 at warehouse stores, I run incremental backups each day, and every few weeks I take a full system backup to the safe-deposit box in my bank. What do you do?

Faux Ransomware

I have recently learned of a new scam which I call Faux Ransomware (or “False Ransomware,” for those who prefer English over French).

Malicious scammers post a web advertisement that contains code to lock up the browser (apparently the whole computer) of anyone who opens it and to display a demand for payment to unlock it. If the recipient of such an ad either killed their browser from Task Manager or restarted their computer, everything would be fine, but some victims don't know what to do and pay the ransom.

Technically, this is not true ransomware (in that it does not really encrypt its victim's files) but a kind of Phony Tech Support Scam. I list it here because of its appearance.

Copyright © 2010-2017 Richard C. Pasco. All rights reserved.