To Pay or Not To Pay: That is the Ransomware question
The scene reads like something out of an epic historical film - A roving band of criminal
masterminds, heading through the sprawling countryside are stealing precious tomes that
contain secret information of extreme value to their rightful owners. The lawless marauders hold
each and every tome under a unique system of lock and key, and only they know the right way
to unlock the system. If anyone else dares try to breach their locks, the systems will selfdestruct.
The henchmen tell the poor victims “Ya’all better pay up or you can kiss your precious tomes
goodbye… Mwahahaha!”
Let’s go back to the shuddering victims.
Each unfortunate one wants what is rightfully his or hers. They have worked years to cultivate
the information in the captive tomes. In but a moment, all has vanished, taken from them.
Each one also knows that he or she could pay up and go along their merry way, with their own
tome safely out of the marauder’s hands. But they also know that by paying up, they are paving
the way for more theft, more lawlessness, more corruption.
|
|
What would you do?
Sadly, this is a question that thousands of people find themselves asking each day.
Ransomware, the hottest attack method for hackers at the moment affects upwards of 10,000
people in the US each day. Experts expect that number to increase over the course of the year
and the unlock fee is usually between $400-600.
|
There are a few different methods ransomware creators may use to block access to files so they
can blackmail their victims, but the biggest and baddest method uses super strong forms of
encryption and this is known as crypto-ransomware. What this means essentially is that it
covers files in an unbreakable layer of encryption and this is the main type hackers use today.
The crypto-ransomware family includes such well known baddies as Cryptowall, Locky,
TeslaCrypt, CryptoLocker and all the other ones you hear about on the nightly news. To put it
bluntly, if your data has been encrypted, you’re pretty much out of luck. Sorry buddy.
And then there is encrypting ransomware. This is the main kind of ransomware that hackers
use today mainly and it includes such well known baddies as Cryptowall, Locky, TeslaCrypt,
CryptoLocker and all the other ones you hear about on the nightly news. To put it bluntly, if your
data has been encrypted with the methods most modern versions use today, you’re pretty much
out of luck. Sorry buddy.
To pay up or not to pay up, that is the question
And if you do end up getting hit with ransomware (we really, really hope you don’t though) you
might find yourself asking that same question:
“Should I pay up or not?”
Paying up sure looks like the easy way to deal with the problem. Save for the necessity of
setting up a bitcoin account in order to pay the unlock fee, which can be super-tricky for nontechy
types, giving into criminal demands might seem like an easy and attractive option.
But here’s the thing - this is just what the hackers are hoping for. They’re hoping that you’ll feel
exasperated and out of options - and enough so to pay up. And now you have just helped fund
their next swimming pool, Tesla, or worst case scenario, their next bigger, badder ransomware
attack.
So before you pay up, let’s discuss the reasons that paying up is not the most ideal way to
handle the situation (okay let's face it, nothing about this situation is actually ideal, - ”ideal”
would be not needing to deal with a ransomware attack in the first place, but we digress).
- 1. You really can't trust hackers -Sure, they say that they will decrypt the information after
you pay the fee and then everything will be a-okay. Remember that these are the same guys
who just hacked your computer. Statistically speaking, most hackers do release data once they
receive payment but there is no “Get your information back guarantee”.
- 2. Paying up fuels their fire -As we said above, every time someone pays up, it reinforces the
hacker’s tactics and supplies them with more funds to develop more sophisticated methods.
According to Troy Gil, security researcher at AppRiver “Keep in mind that the only reason these
thieves keep making these attacks is because people are paying them”. ‘Nuff said.
- 3. They might come back for more -They say lightning doesn't strike twice but in this case
it’s seriously not true. Once hackers see that you are willing to pay, they think of you as
profitable and there is nothing stopping them from coming back for a second helping (and third
and fourth… you get the idea).
It’s not all doom and gloom though. There are some easy preventative steps you can take
keep ransomware off your computer and ruining your day:
- 1. Create several versions of backups -This step won't actually keep ransomware off your
computer but it will make it so much easier to not give in to the hackers demands. Backing up is
important on so many levels but in this case, your backups can mean the difference between
being in control of your data and being controlled by baddies. Make sure to have several
versions of backups (don’t overwrite one backup with the other) so you will always have a clean,
non-encrypted version of your files you can restore.
- 2. Stay away from shady links and attachments -One of the main ways ransomware enters
computers are via links and attachments. Let’s imagine for a moment that you get an email with
an attachment or link within the body of the email. You aren’t really sure you recognize the
name of the sender, but you can’t say for sure that you don’t know them.
Chances are, this intentionally vague email is coming from someone with less-than pure
intentions. To make matters even more complex, hackers might actually use hacked email
addresses of people you know to make their rouse appear even more legitimate. So rule of
thumb, before you open any attachment or click a link, make sure you know who the sender is
and that it’s legit. Make sure everyone on your home network and at your workplace are aware
of this as well - it only takes one person clicking an infected link to start an attack.
- 3. Patch and update all software and operating systems -The other main way that malware
including ransomware enters system is by exploiting critical vulnerabilities in outdated operating
systems and software. By patching and updating software and your OS as directed by Windows,
you effectively seal off one of the most common entry points for baddies.
- 4. Keep your antivirus up to date -All ransomware starts out with some sort of malicious
code sneaking onto your computer. A reputable antivirus program like ZoneAlarm Antivirus
keeps that malicious code from being executed on your computer, thereby curtailing the
ransomware in the first place.
Following these steps should greatly increase your chances of recovering from a
ransomware attack unscathed.
But sometimes things aren't quite so black and white and you simply need your data. We
understand that it’s not so easy to say carte blanche, “Never pay up”. If you find that you need
your data and you don’t have it all backed up, (think hospitals and their patient medical records)
there is one trick you can try to soften the blow: Ask the baddies for a price cut.
Oddly enough, this has worked in the past. A lot of ransomware operations have a customer
support email address and you can ask them to cut you a break. Sure, we don’t approbate
negotiating with terrorists but if you simply have to, you might as well get a discount. You might
also want to call the police or other law enforcement agencies. They can’t really help but they
like to be made aware of ransomware attacks as with all serious crimes.
Still and all, your best bet is to follow the above steps to prevent ransomware from hitting your
computer. No one wants to have to pay, no matter how much of a price break you get. When it
comes to ransomware, a few ounces of prevention will prove to be your very best friend.
|