Sunday, July 16, 2017

Digital Dangers: Ransomware

Ransomware protection tips
Ransomware is, in effect, a monetized version of malware.  Ransomware is malicious software designed to extort money from its victims.  Ransomware takes control of victim data and threatens to publish or purge pending payment.

The rise and spread of ransomware are of concern globally and locally.  Recent reports of WannaCry, Petya and NotPetya, amongst others, wreaking havoc on international systems are becoming more frequent.

Earlier this year, SchoolManagerJa, a cloud based grade administration tool for local educational institutions, found its data externally encrypted, thereby blocking their access.  The hackers demanded the handsome sum of US$5,000.00 for the release of the data.

Neither SchoolManagerJa nor the 14 schools affected paid the ransom.  In a Gleaner report, SchoolManagerJa owner Michael Dingwall commented, “I can't pay them. Even if I should pay them, it's almost certain they would not unscramble it [the data] because what they did is a crime. All I would be doing if I pay them is contribute to a crime to help them to do this to other people, and, perhaps, to come back and do it to me in the future.”

Many other local cases remain unreported.

Ransomware is disseminated in various ways with phishing and click bait being common ways malware can infect systems and exploit security holes, like outdated and vulnerable operating systems (OS), to launch its destructive capacities.

Hackers often request payment in Bit Coin, a hard to trace crypto-currency.  Security experts advise victims not to pay ransom for data because there is no guarantee of recovery.  Further, each payment provides encouragement to hackers to deploy ever improving ransomware efforts.

There is no foolproof way to shield your system from a ransomware attack, but by following these seven steps, you increase your odds of keeping your data safe.

Tip 1: Schedule and run frequent security checks

Tip 2: Install or update to the latest OS, software and security updates and patches

Tip 3: Update and run anti-virus and anti-malware software frequently

Tip 4: Encrypt and frequently back up sensitive data

Tip 5: Create a unique username and password for every account and change regularly

Tip 6:  Clear cloud based messaging app conversations

Tip 7: Beware of public Wi-Fi; use a VPN, private browser and a firewall for maximum protection

RJR's Tech4Life airs on @RJR94FM every Wednesday at 8:15 am