Dear Lifehacker, It was recently reported on the ABC that hundreds of Australian computers are being infected with ransomware, which I guess is a form of the cryptlocker virus. It seems that this problem is becoming more widespread. My question is: how can I prevent my computer from being targeted? And is there anything I can do if it’s already too late? Yours, Viral Prone
Ransomware picture from Shutterstock
Dear VP,
Unfortunately, there’s no easy way to circumvent ransomware once your computer has been infected — if there was, it wouldn’t be a particularly viable business for cyber criminals, would it?
After getting into your computer (often via nefarious “free” software downloads for popular titles like Windows 10), it will encrypt all your data files, from your word documents to your photos, videos and PDFs. A demand will then be made for a specific payment with a timer ticking down to the deadline before all the files are destroyed.
In most cases, seizing control of your files without paying the ransom is exceptionally difficult — especially without assistance from security experts. If you elect to use hired help, the amount you’ll pay for their services could be more than the actual ransom. In other words, prevention is definitely the best cure.
Thankfully, this isn’t particularly difficult to achieve, even for a computing novice. You just need to exercise due caution and take appropriate steps to ensure your data remains secure. Here are some general security tips that every computer user should follow:
- Always check your browser address bar for any warnings about a non-reputable site’s identity.
- Always install reputable anti-virus software.
- Always uncheck boxes during software installations if you’re offered extra software to download.
- Always keep your browser up-to-date and enable automatic Windows updates.
- Always configure your browser for a high security level in Internet Options.
- Back up EVERYTHING on an eternal hard drive — and do it regularly.
In addition to the above, there are some things you should never do on the internet. These include:
- Clicking on email attachments from someone you don’t know.
- Downloading something you’re not 100% sure about.
- Installing freeware from non-reputable sites. (Also check for detailed user reviews first.)
Of course, no security measure is completely foolproof. For this reason, it’s imperative to back up your data regularly, as mentioned above. If you have up-to-date backups, the ransom becomes worthless. For advice on backing up your data, check out our in-depth guide. Best of luck!
See also: How The Cryptolocker Ransomware Works | What To Do When Your Small Business Is Hit By A Cryptovirus
Cheers
Lifehacker
Have a question you want to put to Ask Lifehacker? Send it using our [contact text=”contact form”].
Comments
10 responses to “Ask LH: How Can I Protect My PC From Ransomware?”
And remember to unplug it once the backup is done, otherwise the malware will just encrypt that too.
And make sure it’s not one of those ephemeral hard drives. It needs to be eternal.
Better still take a complete image backup of your whole system, and store it off-line. Then if you get caught by the ransomeware, it is a simple matter just to wipe your system and restore from the image backup.
Great article and a timely reminder to be vigilant and backup often.
I’d like to see a list of options on how to decrypt….ok I know probably not something a novice could figure out. But would be nice to hear about what the security experts use and/or the steps they take to at least attempt to salvage your data.
Unfortunately decrypting data from ransom ware isn’t always possible. On occasion, white hackers manage to crack the encryption and they publicly publish the keys for people to unlock their files.
So if you do get stung, determine what variant of cryptolocker you might have (you might be able to tell based on the message that appears on your screen telling you that youre files are all encrypted) and search that term along with “decrypt key”.
An additional option is to use the Local Security Policy editor located under Administrative Tools to create a software restriction policy preventing executables running from the %UserProfile% path. An overview is provided at https://blog.brankovucinec.com/2014/10/24/use-software-restriction-policies-to-block-viruses-and-malware/.
You’ve missed a / on the end of the URL “popular titles like Windows 10”
… or more accurately, an ‘h’ at the beginning (its currently ‘ttp://www…’)
Acronis is a great backup software for those looking for something good.
useful back up options.
can do a full backup on installation and then you can schedule it to do incrememntals when it detects a specific device plugged in (portable Hard drive).
also, the type of back up it does is a system image, so should you pc shit itself, you can just use the acronis boot disc (which it lets you create from the installed software) and reimage your computer from one of the backups on your drive.
You forgot the Number 1 most effective way to stop infection – Run as a limited user.
Yes, it is annoying in the beginning, having to sign in as the admin account to make changes, but it will prevent the majority of virus/spyware/malware/etc attacks. All systems I maintain (I work for a large MSP, and have a boutique pc build co on the side) all get configured to use a limited account. If it is a personal pc, I give them the details for 2 accounts, the limited and the admin account and stress that the admin account should only be used if they initiate a change, if they don’t and it prompts they know something is up!
One thing to remember with backups and the likes of crypto locker – Keep cold backups, as cryptolocker et al will scan for attached drives and encrypt the data it finds. A backup is no good if it encrypted as well! Best way to do this is to backup over the network (if possible) and don’t have the backup location mapped, or use a rotating pool of USB drives (Drive 1 Mon, Wed, Fri, Drive 2, Tue, Thur Sat) etc to help mitigate this issue.
Unfortunately, these kind of attacks are here to stay and as long as they keep using the tried and tested crypto, there isn’t much that can be done except prevention.
Yeah I had problems with my computer, but I’ve never actually think about making my files safe. I’ve heard about Impedio Security, got the trial and guys, this is perfect. For someone who’s not so good with all the computer stuff, this software really changed everything. It does not lag my computer, you don’t have to remember about scanning your volumes, Impedio does it for you. The most important and awesome thing is that it analyzes each of your operations in real time, and does not use any algorithm or patterns. That is much more safer, at least from what I’ve heard. Anywho, I am increadible happy with this security shield and ransomware are not my problem anymore 🙂
Simplest way to avoid ransomware is to stop running Microsoft Windows.