Wednesday, November 29th, 2017
The RCMP and the Canadian Anti-Fraud Centre (CAFC) have issued a warning to Canadians about the spread of ransomware. Recently, there was a lot of news coverage about the WannaCry attack, and every month it seems like there's a new danger online.
According to the CAFC, "the incidents of ransomware in Canada are rising at an alarming rate. In 2015, Canadians were affected by 1,600 ransomware attacks a day. By September 2016, the attacks nearly doubled. Those are the known cases. Unfortunately, many incidents still go unreported."
What Would You Do If You Lost Everything (Digitally, That Is)?
Young, old, employed or small business owner, we're all reliant on a computer or smartphone that houses our work, digital memories and life. If it's not protected, up-to-date and backed up, what would you do if a bad guy had it for ransom and was demanding payment? And what if you were told that if you didn't shell out payment in a few hours, all your files would be gone forever?
What Exactly is Ransomware?
David Papp, Edmonton based Tech Expert specializing in Social Media, Cybersecurity, Privacy, and Technology Management explains ransomware as "malicious software that crawls through your computer files and encrypts each file individually, essentially rendering those files useless unless you pay a specified sum of money to "unlock" your files.
"Typically, the payment request is through a cryptocurrency such as Bitcoin. Ransomware can also find other computers and servers on your local network to infect everything it can see. It isn't guaranteed that if you make payment, your files will be unlocked. When you try to access any of your files, a message displays on your screen telling you where to send payment, along with a countdown timer showing when it will be too late."
Who's at Risk?
Papp knows several people that were hit by ransomware recently, including himself. He warns that "not all end well."
"One business was hit twice on two separate occasions," he says. "They recovered as best as they could from their backups but did lose some files. Ransom amounts were approximately $25,000, which they didn't pay. Another business was hit with a ransom of $200,000. It locked them out of not only their critical business files, but also all of their backups which were connected to their network. They didn't recover from that situation. I was personally hit by ransomware [and I'm] not sure how it got into my network. It wasn't a big deal for me because of how I run my backups; I simply restored my files and it ended up being a minor inconvenience in time."
What Can You Do to Prevent It?
"There is no such thing as 100% secure," cautions Papp. "We mitigate risk by putting in place anti-virus, anti-spyware, anti-malware, backups, archives, and educating people to not open suspicious or unknown email attachments and not click on unknown links in emails."
David's Best Advice?
Back up, back up, back up!!
"I can't stress this enough. People think I'm exaggerating, but it really is extremely important. You need to implement different backups using different strategies, different methods, going to different mediums. Murphy's Law has it that 9 out of 10 backups will fail when you need them. You only need to have one good backup to restore your files.
"More importantly, you need to test your backups to ensure they're actually working. I've been in many situations where someone thought the backups were working, but they had failed years ago because no one bothered to look at or test them. You also need to have offsite backups (external hard drives, tapes, etc.) where you have a "snapshot" of all your files at a different location and not connected to anything. This is the method that saves most people in the ransomware situation."
What Can You Do If You've Been a Victim? Should You Pay?
Papp doesn't believe that there's an easy or correct answer regarding paying the criminals.
"You need to evaluate (in a very short amount of time) what your options are and decide what you should do," he says. "There's no guarantee that you'll get your files unlocked if you pay. The best thing to do is immediately disconnect everything from the network and Internet, and call in an expert to evaluate. Also take inventory right away of what backups you have, where they're located, what dates they represent and whether you have the software to restore them. Everything will aid in making the most informed decision you can under stressful circumstances."
Dos and Don'ts From the Canadian Anti-Fraud Centre: