03 April 2016

RansomWare 1, The Threat


by Leigh Lundin


WARNING: A particularly vicious type of virus poses a severe risk to your computer’s contents. It’s called RansomWare and it’s coming to a computer or cell phone near you.

Although no longer engaged in software design, I enjoy keeping an eye on technology. RansomWare had risen on my radar as an up-and-coming annoyance, but I hadn’t appreciated the level of threat it’s become.

Virus sophistication has risen from the early cutesy messages to vandalism to zombie-bots… hidden programs that turn your computer into a secret spam server. In the past, viruses were largely preventable and recoverable.

That’s changed. Bad guys have figured out how to monetize infections that can wipe out your photos, movies, letters, tax records, your home and work content. They can obliterate your recorded life.

The viciousness doesn’t stop at the personal level. We know only of attacks made public, but ransomware has assailed small businesses and large, county offices, schools, charities and non-profits.

The criminals behind the scenes have no compunctions. A favorite soft target has been hospitals where lives hang in the balance. Forensic experts believe some of those penetrations were deliberate attacks from the inside. To wit, someone deliberately hand-planted a ransom virus in hospital computers.

Even police agencies have been hit and– to the disgust of many– they paid the ransom. How can criminals be stopped if police dump public money into their coffers? For all anyone knows, the attackers may have been terrorists or state-sponsored Daesh/ISIS or al-Qaeda, China or North Korea, all badly in need of euros and dollars.

Destroying a victim’s computer’s contents can ruin years, even decades of work and study, crucial research and development. RansomWare can devastate careers and ruin lives. It even takes lives, at least three known victims, father-son deaths and a student suicide.

What is RansomWare?

A type of virus or infectious malware, ransomware invades a computer, then renames and encrypts your files with mathematical encoding that cannot be reversed without the attackers’ key. The malicious program then offers to reverse the damage in exchange for a ransom ranging from two or three hundred dollars, euros, or pounds sterling, or the equivalent in untraceable bitcoin, into the thousands. If the black hats recognize a high-value target like a hospital or government agency, they may demand tens of thousands of dollars. Some programs set a three-day deadline after which they promise to wreck the machine beyond repair.

The ransom virus lingers in the target machine long after the damage is done. Worst of all, victims face a substantial probability that even if they pay the ransom, they won’t get their files back.

At present, the worst of ransomware mainly attacks Windows computers, but Macintosh and Unix/Linux users shouldn’t grow complacent. One Mac malware program contains no mechanism to restore files after payment. Black hats have already breached a major Java component (JBoss) and some ƒ-head will figure out how to devise a devastating Unix-based attack. It takes little more than catching a human in a weak or distracted moment.

W-D My Passport back-up USB drive
Now is the time for all good men and women…

Kindly accept today’s article as a heads-up, a wake-up call to take steps now to deal with this eventuality. Writers among us may be able to glean facts for a fine techno-thriller, but safety comes first. We’ll be discussing:
  • backup, backup, backup
  • computer settings
  • modems, routers, firewalls
  • virus prevention and ransom software
  • pop-up and email software ‘updates’
Back-up

Next week I’ll share more detail but consider immediately buying one or more external drives for backing up your important files:
  • Western Digital USB Passport series starts about $45 including Mac and Windows back-up programs.
  • Flash drives are conveniently small although speed ratings of larger capacity drives can prove excruciatingly slow. These are convenient if you concentrate on backing up your data rather than your operating system or programs, which you can presumably otherwise recover.
  • Safest and cheapest of all, you can toast a permanent copy of your data to a Blu-Ray DVD if you limit your back-up to data only. Prices start around $120 for single-layer 25gig drives and increase for dual, triple, and quad-layer models. Single-sided media cost less than a dollar a disc; dual-layered discs run less than three dollars.
The key factor is to back up weekly or as frequently as your willingness to risk your most recent data allows. Then, once you’ve taken a backup, disconnect that drive from your system so it won’t fall victim to a ransomware infection.

Take an extra moment and visit your Control Panels (Windows) or Finder Preferences (Mac). Change the default setting to show all file-name extensions. I’ll explain why next week, but it may help you catch malware masquerading as innocent files.

Stay safe. See you next week with malware vampires and zombies.

9 comments:

janice law said...

I feel my paranoia increasing, even though I always keep a print copy.
Question: how safe is it to back up via iCloud or Google drive?

Leigh Lundin said...

Janice, I’m a believer that there’s no such thing as too many backups and the more backup technologies, the safer. Cloud backups may take some time depending on your internet speed, but they provide extra protection.

The Macintosh’s Time Machine is a valuable product– I use it– but it assumes a constant backup drive presence because, by default, it backs up continuously. However, it’s also possible to manually back up with Time Machine– I do that as well.

I also use detachable external drives and, thanks to a friend, back up to a NAS (net area storage) unit, which itself is backed up. As you can tell, paranoia is alive and well here, dating back to my days in software development.

I’ll go into more detail in a future article, but (a) take backups often and (b) ensure at least one of your backup drives can be detached and stored off-line. It could save your digital life and your sanity.

A Broad Abroad said...

Like Janice, I felt the paranoia levels rising whilst reading. Thanks for the warning and advice.
Not an IT specialist and have no justification for this next comment, but am leery at the thought of storing sensitive data with a third party like iCloud.

Leigh Lundin said...

ABA, long-time computer developers like myself and immediate colleagues don’t fully trust the ‘cloud’ either. More specifically, we consider the cloud viable for backups of our backups, but not as our primary backup or work source. Our belief is that too many things can go wrong– power outages, satellite/cellular/landline outages– depriving the user of his/her data.

Considering the question of security, most of the veteran companies like Apple (iCloud), Microsoft (SkyDrive/OneDrive), and Google (Drive) are likely as secure as can be expected from a non-military standpoint. I expect the European offerings are reasonably secure as well such as HiDrive and SwissDisk.

However, a dismaying number of smaller companies with excellent products have gone belly up. They typically give 30-60 days notice or more, but it often leaves customers scrambling to download anything critical and looking for a new home.

With a NAS unit (network area storage), you can create your own cloud storage, but you need some technical expertise and the entry price is close to $400US.

A practical possibility is to purchase drives or Blu-Ray discs, then keep a copy ‘off site’ as we say in the business, perhaps at your parents’ house. In case of a fire or burglary, you have a spare copy. Likewise you can keep one of their backups at yours.

Anonymous said...

Extremely timely and useful information. Better scared now than hit later, I guess I would say. I look forward to the rest. (And I have just changed my preferences to show file extensions.)

Leigh Lundin said...

Thank you, Anon. RansomWare can be unnerving at best and devastating at worst.

I'll go more into this later, but the idea behind showing extensions is that you might not notice ImportantDoc.pdf with extensions hidden, but you might catch ImportantDoc.pdf.exe, a nasty surprise program masquerading as an innocent document.
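
The check described in the comment above, as an added example that is not part of the original post or comments: a Python scan that flags files such as ImportantDoc.pdf.exe, where an executable extension follows a document-like one, and reports the name a file manager would show with extensions hidden. The extension lists (Windows-oriented) and the function names are assumptions chosen for illustration.

```python
import os
import tempfile
from pathlib import Path

# Assumed lists for illustration; extend them to match your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt", ".zip"}


def name_when_hidden(filename: str) -> str:
    """What a file manager shows when the final extension is hidden."""
    return Path(filename).stem


def is_masquerading(filename: str) -> bool:
    """True when an executable's name ends in a document-like decoy extension."""
    suffixes = [s.lower() for s in Path(filename).suffixes]
    if len(suffixes) < 2:
        return False
    return suffixes[-1] in EXECUTABLE_EXTS and suffixes[-2] in DOCUMENT_EXTS


def scan(root: str) -> list[tuple[str, str]]:
    """Walk root; return (relative path, name shown with extensions hidden)."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if is_masquerading(name):
                rel = os.path.relpath(os.path.join(folder, name), root)
                hits.append((rel, name_when_hidden(name)))
    return sorted(hits)


def demo() -> list[tuple[str, str]]:
    """Build a constructed sample folder of empty files and scan it."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "Downloads"))
        for name in ("ImportantDoc.pdf", "ImportantDoc.pdf.exe",
                     "Downloads/holiday.JPG.scr", "Downloads/setup.exe",
                     "Downloads/report.v2.docx"):
            Path(root, name).touch()
        return scan(root)


if __name__ == "__main__":
    for path, shown in demo():
        print(f"{path!r} would display as {shown!r}")
```

To check a real folder, call `scan()` with its path, for example your downloads directory.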

Eve Fisher said...

I keep backing up to flash drives - I have about three of them - that can hold all my data. I figure the system... well, I'll worry about that tomorrow - after all, tomorrow is another day!

Leigh Lundin said...

So it is, Eve. You're on the right track. Well done.

Anonymous said...

Another article underscores the advice.

http://finance.yahoo.com/news/what-to-do-ransomware-hackers-011857871.html