We are currently in the midst of an international crisis and digital pandemic of ransomware, a form of cyberextortion. Ransomware blocks access to your data by encrypting it (locking it) and then demands that you pay a ransom (usually in cryptocurrency such as Bitcoin) to obtain a decryption key to regain access. Sometimes ransomware can come with trojans that steal your passwords as well.
For example, the corporation Colonial Pipeline was affected by ransomware on May 7, 2021. As the financial and business news outlet Bloomberg reports, “The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack.” It was the largest publicly known cyber-attack on critical infrastructure in the history of the U.S. As written on ScienceDirect, a database of peer-reviewed literature, “…the Colonial Pipeline incident had a relatively small contribution to the May 2021 spike in fuel prices, which led to their highest levels in 7 years.”
Alex Heid, Fellow of Threat Intelligence at SecurityScorecard, talks about how infection can escalate from the personal to the corporate: “Ransomware is one of the most prevalent attacks targeting companies at the moment, whereas the average user is likely to be infected with a keylogger. Attackers are also known to leverage the access gained from infected personal devices to pivot into corporate networks as well.” When asked if corporate networks can infect personal devices, Heid says, “Yes, it’s possible, but the reverse is more likely.”
James Ball, Principal Cyber Security Engineer at T-Mobile, talks about the infamous WannaCry attack: “One notable ransomware event was the WannaCry attack in 2017, which affected hundreds of thousands of computers in over 150 countries and caused an estimated $4 billion in damages. Ransomware can potentially cripple a company to the point of bankruptcy if the ransom is not paid. And even if the ransom is paid, if the flaws are not fixed, they will be a target again.”
Emily Mitchell, a Cybersecurity Researcher at Synack Red Team, talks about ransomware as a service and its consequences: “Ransomware is a growing cybersecurity threat and attacks have only increased in recent years, with attackers hiring illicit ‘ransomware as a service’ vendors to target businesses, government institutions, and individuals. Ransomware can lead to significant data loss, financial loss, disruption of operations, and potential exposure of sensitive information.”
How can you protect yourself against ransomware and all other malware for that matter? Here are some tips. First, don’t open suspicious email attachments unless you have scanned them with an antivirus or a website like virustotal.com, which uses more than 50 antivirus engines to determine if a file is safe. Microsoft announced on February 28, 2023, that, “VBA macros are a common way for malicious actors to gain access to deploy malware and ransomware. Therefore, to help improve security in Office, we’re changing the default behavior of Office applications to block macros in files from the internet.” This means that macros, which are series of pre-recorded commands attached to Office documents, will no longer automatically execute in files from the internet and potentially infect your computer.
Secondly, it’s wise to be mindful of file extensions. If you’re downloading a picture on Windows and instead of it being a .png or .jpg it says .exe or something else suspicious, then you shouldn’t open it because it’s not the kind of file you are looking for and is probably a virus. You can enable showing file extensions in Windows in the Explorer menu.
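The extension check described above can be automated. The following Python script is an added example, not part of the original article: it flags files whose final extension is executable, double extensions such as `.jpg.exe`, and files whose first bytes do not match the image type their name claims. The function names, the extension list, and the sample files are constructed for illustration.

```python
import tempfile
from pathlib import Path

# Leading bytes ("magic numbers") that identify each format.
SIGNATURES = {"png": b"\x89PNG\r\n\x1a\n", "jpeg": b"\xff\xd8\xff", "exe": b"MZ"}
IMAGE_EXTENSIONS = {".png": "png", ".jpg": "jpeg", ".jpeg": "jpeg"}
EXECUTABLE_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd"}


def sniff(path):
    """Return the format implied by the file's first bytes, or None."""
    with open(path, "rb") as fh:
        head = fh.read(8)
    return next((n for n, m in SIGNATURES.items() if head.startswith(m)), None)


def check_download(path):
    """Return warnings for a file that is supposed to be a picture."""
    path = Path(path)
    suffixes = [s.lower() for s in path.suffixes]
    last = suffixes[-1] if suffixes else ""
    warnings = []
    if last in EXECUTABLE_EXTENSIONS:
        warnings.append(f"final extension {last} is executable")
        if any(s in IMAGE_EXTENSIONS for s in suffixes[:-1]):
            warnings.append("double extension disguises the file as an image")
    expected, actual = IMAGE_EXTENSIONS.get(last), sniff(path)
    if expected and actual != expected:
        warnings.append(f"named like {expected} but content looks like {actual}")
    return warnings


def demo():
    """Run the checks on constructed sample files (harmless placeholder bytes)."""
    samples = {
        "photo.png": SIGNATURES["png"] + b"\x00" * 16,
        "holiday.jpg.exe": b"MZ" + b"\x00" * 16,
        "cat.jpg": b"MZ" + b"\x00" * 16,
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, content in samples.items():
            (Path(tmp) / name).write_bytes(content)
            results[name] = check_download(Path(tmp) / name)
    return results


if __name__ == "__main__":
    print(demo())
```

The two-byte `MZ` check is a heuristic, so a warning means the file deserves an antivirus scan before opening, not that it is confirmed malware.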
Thirdly, if you want to block ads and malware domains on your personal computer automatically, experts recommend using the browser extensions AdBlock or uBlock Origin on Chrome or Firefox. Not only will they block ads and malware domains, but they make your browsing experience faster because you won’t be loading all that extra ad content. Keep in mind that sometimes you will have to temporarily disable these blockers to access certain content, but you will rarely have to do so.
Fourthly, you should use a unique password for your email and not save it in your browser. That way, if your passwords from other sites are ever compromised, whether by a data breach or by a virus that reads the saved passwords on your computer, the attacker won’t have access to your email. A hacker with access to your email can access your entire online presence, including bank accounts and social media, because they can reset all your passwords (assuming there is no Two Factor Authentication, which I suggest you set up if you can). To know if you’ve been part of a breach, please visit monitor.firefox.com. This won’t exactly prevent ransomware, but it ensures that if you get infected, which is unlikely if you have an antivirus, there is less chance of your passwords, data, and money being stolen.
Experts also recommend keeping backups of your critical and personal data. External hard drives or USB flash drives ensure that in a worst-case scenario, you still have a copy of your data. You can also attempt to decrypt your files using ransomware decryption tools such as those at nomoreransom.org.