In recent years, there has been a mass migration to remote working and cloud storage. While these new ways of working have improved workflow and productivity, they have also opened up new access points for attackers to access and steal data.
Some of the most vulnerable apps for cunning attackers are:
- Social media and messaging apps which typically have access to an alarming amount of personal information
- Remote access apps which can redirect network traffic through an unknown server
- Third-party app plugins such as doc scanners which are supposed to improve functionality can deliver malware right to your device
Ransomware is one of the most highly publicized threats to computer security today. It’s estimated that in 2019, over $7.5 billion in damages were caused by ransomware in the US alone.
Whether you’re online for work or recreation, you need to be aware of potential threats like ransomware and how to protect yourself from losing money to one of these scams.
What Is Ransomware?
Ransomware is a type of malware that encrypts the victim’s files, making them inaccessible until the victim pays the attacker in untraceable bitcoin. The attacker will then release the decryption key to unlock the victim’s files.
Another less common type of ransomware is called leakware or doxware. The attacker uses this variation of ransomware to threaten the victim with doxing or leaking their sensitive personal information on the internet unless the victim pays the ransom.
The ransomware boom of the 2010’s has declined in recent years in favor of cryptojacking malware. This type of malware quietly infiltrates the victim’s device and mines or creates cryptocurrency, wasting valuable computing resources in order to make money for the perpetrator.
That said, criminals who had infiltrated computers to mine cryptocurrency are now pivoting back to ransomware due to the unreliable market prices of cryptocurrencies. With access to compromised devices, criminals can extract personal information to sell on the dark web.
If you have been a victim of leakware and had your information used for fraudulent activities, you need to dispute these fraudulent entries on your credit report and submit your identity theft report. Once the counterfeit activities are struck off your record, look into how to improve your credit score after identity theft.
Should I Pay Ransomware Ransom?
According to Kaspersky findings, paying the ransom is not a guarantee that you will get all your files back intact.
Among users who experienced a ransomware attack:
- 29% could restore all their data
- 18% lost a few files
- 50% lost some files
- 32% lost a significant amount of data
- 13% lost almost all their data
Cyber security experts discourage paying the ransom as it only fuels further illegal activity from the attackers and doesn’t guarantee you your data.
A Carbon Black report on the ransomware market found that one of the most effective ways of fighting ransomware is not paying the criminals. By withholding payment, you disrupt their ROI and the entire supply chain thus rendering the entire attack ineffective.
To retain the power to hold out against ransomware attacks, organizations and individuals have to invest in proper file and system backups, patching, and updating prevention measures.
What Should I Do in the Case of a Ransomware Attack?
If you experience a ransomware attack, immediately contact your local law enforcement agency and report the attack. They may not be able to do anything, but it’s important that you let them know so they can be on the lookout for other potential attacks.
Check your backups to see if your files are available.
There are ransomware recovery services out there such as Datto that can help you recover your data. Do a Google search to find data recovery experts in your area.
Do NOT pay the ransom. Do NOT call the number they want you to call. Do NOT give them your contact information if they don’t already have it.
The key to surviving or preventing such malware attacks is putting in place strong security measures and adopting safe internet use, especially on sites where you input your personal information.
How to Avoid Ransomware?
You can prevent identity theft through ransomware by adding a few online safety habits and investing in security measures.
Here are a few tips to prevent ransomware:
- Use a reputable antivirus software and a firewall to protect your devices. Update them often to protect yourself from constantly evolving threats.
- Avoid clicking links in emails or sites that you don’t trust. Don’t open attachments from untrustworthy senders. Recently, attackers have invited victims to edit files on Google Drive, mimicking workplace collaboration. Always double check invite links.
- Make sure all inbound emails are scanned and filtered. Any suspicious attachments or content should be flagged and blocked.
- If you receive unsolicited phone calls or emails, don’t share any personal information. Many attackers pose as IT troubleshooting in order to gain intelligence. Always confirm so-called scheduled maintenance or calls from your bank looking for information.
- Avoid downloading cracked software, apps or patches from compromised or untrustworthy sites. They are often vectors of malware.
- Regularly backup your data and secure your backup files. Doing so enables you to restore files quickly and immediately begin to recover from identity theft.
If all of your files have been backed up to a local or cloud storage solution, you can easily recover from a ransomware attack without having to pay the ransom.
Security software alone can’t protect your information since ransomware developers are constantly tweaking their codes and finding ways to bypass antivirus scans and firewalls. It’s advisable to employ a combination of all the above tips to create a failsafe. By all means: back up your data regularly! The better your backups, the less you will lose in case of a ransomware attack!
Now that you have a clearer picture of the risks to your personal information, you can secure your data. In the event of a data breach or identity theft, it’s important to contact credit professionals who understand the legalities and can help expedite the recovery process.