Tech News

Protecting Yourself From Ransomware

This year I've helped several clients recover from a virus that has encrypted all their personal files, demanding a ransom for their return. I've had mixed success. The encryption is real and unbreakable. In certain circumstances shadow copies of files can be recovered, but this is not always possible.

Who is behind this? Organised crime. The ransom is priced to be expensive, but affordable, and charged in Bitcoin.

"That won't happen to me! I've got an antivirus program" Wrong. In all cases, the antivirus program will detect the virus hours, maybe even a day or two, after it has done the damage. Why? Antivirus solutions are largely reactive in nature.

  • First, the malicious software is released by the perpetrator, in this case by a wave of emails.
  • Hours later the software companies that update your security software detect and define the threat.
  • Hours later again, the digital definition of the threat is sent to your antivirus program by way of an update. At this point you are protected. Before this... not so much.

What can you do to protect yourself? Be smart. Take note of the sender's email address at the top of the email. The part of the email address following the @ symbol is the domain name of the entity. Pay attention to that domain name and ask yourself "would this Australian entity likely to use that domain name?"

For example, it's true that Australia Post may send you a message about your package. When they do, what domain would the email be from? You would expect it to be something like ####@auspost.com.au, not ####@austpost.biz

How about an AGL bill? Again, you would expect it to be from ####@agl.com.au, not ####@agl-bills.net

As you can see, this takes a bit of careful inspection, and when you are busy trawling through a pile of work, your personal vigilance may fail you.

The sure way to protect yourself against the fallout from ransomware is a backup system. If you need help to ensure that you can successfully recover from this kind of problem, please get in touch with me at InSitu Computer Repair & Tech Support. I'd be happy to install and configure a backup solution that suits your needs, or come and check the setup you've got, to ensure it's working well.