The threat of ransomware as the dominant means by which malware peddlers can extract a quick profit has slowly been growing ever since Bitcoin surpassed the per-ounce price of silver in early 2013. Seeing as ransomware has become such a mainstream phenomenon that it has reached a New York Post advice column, it's high time Qntra offered some advice on avoiding the pains that ransomware can inflict. Here are a few measures you can take:
- Keep up-to-date backups of your important files and data. The kind of backup should fit the type of information being backed up. For things like private keys or sensitive documents, "cloud" backup solutions are out of the picture. Ideally your backup solution should not be persistently connected to your computer, where data on it could potentially be exposed to ransomware along with the rest of your system.
- Further, for truly mission-critical information, an airgapped machine completely separated from any network is an option. Printers, sheet-fed scanners, and OCR-friendly fonts[1] are a thing for when the time comes to move information between it and a networked machine. For a few hundred dollars one can pick up a used workstation-class machine off of eBay that should still be able to deliver another decade or two of reliable use.
- If you haven't already, move away from Windows as a "working" operating system. If you must play games that only run on Windows, or you want them to look better than a console will let them, fine. Treat the machine you use for that as a toy and separate it from systems that work. At some point in the very near future Apple Consumer Product's OS X might require similar treatment. If you are bound to Windows by a need for Microsoft Office, rethink your life choices and still quarantine that machine like it came out of the playpen of a toddler who just recovered from rotavirus.
- As a minimum measure, a person with a limited number of computing machines could abstain from much of the shady shit ruining the Internet, which expects the browser to operate as a runtime for whatever code it wishes to push at the moment. This means making sure Yahoo can't ask your machine to run code for it, because Yahoo's ad network has spread ransomware in the past. This also means avoiding freeware that isn't also open source, because if you can't afford a sacrificial computer you can't afford to lose whatever computer you are using.
- In the worst case, if you get hit by ransomware, don't pay like these schmucks did. It encourages the further production of ransomware. Paying extortionists sets a poor precedent, and it is hard to be sure the people behind the ransomware aren't noting the people who pay in order to target them for another round of extortion when they run low on new prospects.
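
The paper transfer mentioned in the airgap item above can be made self-checking, so that an OCR misread is caught per line instead of silently corrupting the data. The following is an added example, not code from the original article; the line layout, the function names `encode_for_paper` and `decode_from_paper`, and the sample text are assumptions made for illustration.

```python
import base64
import hashlib
import zlib

CHARS_PER_LINE = 40  # assumed layout: 8 groups of 5 base32 characters per line


def _crc(lineno: int, payload: str) -> str:
    # CRC-32 over "line number:payload" catches OCR misreads and reordered
    # lines. It detects accidents only; it is not a tamper-proof MAC.
    return format(zlib.crc32(f"{lineno}:{payload}".encode()), "08X")


def encode_for_paper(data: bytes) -> list[str]:
    """Turn bytes into numbered, checksummed base32 lines ready to print."""
    text = base64.b32encode(data).decode().rstrip("=")
    lines = []
    for n, i in enumerate(range(0, len(text), CHARS_PER_LINE), start=1):
        payload = text[i:i + CHARS_PER_LINE]
        groups = " ".join(payload[j:j + 5] for j in range(0, len(payload), 5))
        lines.append(f"{n:03d} {groups} {_crc(n, payload)}")
    lines.append(f"END {len(data)} {hashlib.sha256(data).hexdigest().upper()}")
    return lines


def decode_from_paper(lines):
    """Return (data, bad_lines); data is None when any check fails."""
    *body, trailer = [ln.upper().split() for ln in lines if ln.strip()]
    chunks, bad = [], []
    for expected, fields in enumerate(body, start=1):
        payload = "".join(fields[1:-1])
        if fields[0] == f"{expected:03d}" and fields[-1] == _crc(expected, payload):
            chunks.append(payload)
        else:
            bad.append(expected)  # re-check this line against the printout
    if bad:
        return None, bad
    text = "".join(chunks)
    data = base64.b32decode(text + "=" * (-len(text) % 8))
    ok = trailer == ["END", str(len(data)), hashlib.sha256(data).hexdigest().upper()]
    return (data, []) if ok else (None, [0])  # 0 marks a trailer mismatch


# Constructed sample input, not a real secret.
SAMPLE = b"constructed sample: offline notes to move across the air gap\n"
PAGE = encode_for_paper(SAMPLE)
```

The standard base32 alphabet leaves out the digits 0, 1, 8 and 9, which are easily confused with letters, and the list of bad line numbers tells the operator which printed lines to compare by eye.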
[1] Remember to use a separate printer/scanner pair for offline and online machines.