How would you feel if a cybercriminal caused the photos of your son or daughter's first Christmas or birthday party to be lost forever?
That's the reality which could potentially face thousands of families up and down the country with a high volume of ransomware attacks on the public.
Earlier this month the Information Commissioner's Office published tips for businesses on how to prevent ransomware attacks. This type of attack is affecting individuals too so we are providing advice for people wanting to protect their home systems.
Modern ransomware attacks are commonly distributed by email, usually via attachments or malicious links. They work by infecting your computer and encrypting all the files that they can find on its hard drive. Some attacks will also look for connected external drives and network drives, and encrypt the files on those too.
The attacker will then issue a ransom demand, typically for a few hundred pounds, to be paid in the digital currency Bitcoin. The sum must be paid in order to gain access to the decryption key and therefore regain access to the information stored in the files - although there is no guarantee that the attacker will release it.
Anyone falling victim to this malicious cybercrime risks the potential loss of personal files such as precious wedding photos, much-loved video recordings or essential private documents unless they have a back-up of these important files.
What does a ransomware attack look like?
The most well-known type of ransomware attack enters your IT network as an attachment to an email. The content of the email might request you to take a specific action or "act quickly" such as paying an invoice or applying for a refund, and tells you to open the attachment. If you do, the attachment will then take advantage of any vulnerabilities in the operating system or other installed software (such as a word processor) to run and this could start the encryption of your files.
How can I prevent a ransomware attack?
Here are some top tips for protecting your home systems:
• Don't click on suspicious links or attachments in emails, especially if you do not recognise the sender or were not expecting the email
• Make sure you back-up your files - don't keep all your favourite photos on one device
• Keep your back-up device separate from your computers - only plug the back-up drive in when you need it,
• Check you have basic technical cyber protection for malware and that this is up to date.
• Ensure the operating system and software on all of your devices are up to date.
• Don't install software that you didn't specifically go looking for
• Only obtain software and updates from reputable sources
• Use an account with the least privileges for your daily activities - being logged in as an administrator just to check your email or browse the web can put you at unnecessary risk
• Be aware that, by default, some operating systems will hide file extensions. This means that attackers can insert a fictional file extension into the file name to disguise their ransomware as a harmless looking file, eg a PDF or other document. You can set your system to show the full file extension to make it easier for you to identify any suspicious files.
What if I do fall victim?
• Preparation is the best defence--therefore you need to take action before your data is encrypted. Make sure you have a working back-up which you can use to recover your data.
• Depending on the variant of ransomware you were attacked with you may be able to recover your files without paying the ransom. You could seek professional advice on this but don't rely on it - you might be attacked by a newer variant which doesn't have a flaw.
• If you are able to remove the ransomware, ensure that you do a full scan of your computer using good antivirus software - the attackers could well have maintained a link to your computer and if that link is not found, they could attack your computer again.
If you'd like advice on how to protect your business from a ransomware attack there's a separate blog with some key tips.