The rise of ransomware
The beginning of March saw the first case of ransomware successfully attacking Apple computers. According to a CNN Money report, Palo Alto Networks spotted ransomware KeRanger on OS X on March 4 and promptly notified Apple. Even though Apple rectified the situation to prevent further infections of KeRanger, it’s important to understand ransomware and what you should do if you encounter it on your own computer.
What is ransomware?
In simplest terms, ransomware is malware that prevents you from accessing files on your computer until you pay a ransom to have the files unlocked. Some ransomware will encrypt your files (decrypting them requires paying for an encryption key). Other ransomware will lock your computer system and constantly display messages that prompt you to pay the ransom.
You could think of ransomware as the digital age’s version of kidnapping or high seas piracy. Technologists have seen a wide array of payment methods used for ransomware such as wire transfer, premium-rate text messages, online payment voucher services, or, in the Apple ransomware case, the digital currency Bitcoin.
Earlier this year, Hollywood Presbyterian Medical Center in California fell victim to ransomware that demanded payment via Bitcoin. It is suspected that the hospital contracted a malware infection either through an email attachment or infected advertising on a website. The malware quickly spread through the organization’s network and encrypted all the files it could access, including mapped drives (e.g., departmental shared drives). Staff could not access anything on the hospital’s computers, so they had to resort to hardcopy paperwork. In the end, Hollywood Presbyterian paid some $17,000 for the files to be unlocked.
What can I do?
Since ransomware is effectively malware on steroids, malware programs can help remove ransomware from your computer, as long as the ransomware is detected before it fully encrypts your data. However, here are other tips you should keep in mind to help protect yourself:
- Backup your files – Keep your files backed up to cloud services like Google Drive, OneDrive for Business, or personal external hard drives. This way, if your data is locked away by ransomware, you can have your computer cleaned and restore the data.
- Keep security software updated – Always make sure some form of malware or antivirus software is installed on your computer and kept up-to-date in order to protect yourself from any new variants of malware.
- Keep operating systems updated – When Apple recognized their vulnerability to ransomware, they quickly released a patch to prevent exploitation. Keeping your operating system up-to-date will patch newly discovered security vulnerabilities.
- Don’t open strange emails – As with many other viruses and malware, ransomware is commonly delivered by tainted email messages. If you do not trust or know the sender, you should not open any links or attachments in an email. When in doubt, your best course of action is to simply delete the message.