Cybercrime has reached a new level.
Imagine cybercriminals holding your files for ransom. It sounds like something out of a movie set in the distant future, but business owners and households are facing such a threat today.
Hackers are now using ransomware to hijack computers and hold files hostage in exchange for payment. Malware programs like CryptoWall, CryptoLocker and CoinVault spring into action when you unsuspectingly click on a link in an email, encrypting all of the data on your hard drive in seconds. A “ransom note” appears telling you that you need to pay $500 (or more) to access your files again. If you fail to pay soon, they will be destroyed.1
Worldwide, more than a million computer users have been threatened by ransomware – individuals, small business, even a county sheriff’s department in Tennessee. The initial version of CryptoLocker alone victimized 500,000 users, generating more than $3 million in payments along the way.2,3
The earliest ransomware demanded payments via prepaid debit cards, but hackers now prefer payment in bitcoin, even though few households or businesses have bitcoin wallets. (The emergence of bitcoin effectively aided the rise of ransomware; keeping the payment in virtual currency is a hacker’s dream.)2,3
If your files are held hostage, should you pay the ransom? The Department of Homeland Security and most computer security analysts say no, because it may be pointless. By the time you get the note, your files may already be destroyed – that is, encrypted so deeply that you will never be able to read them again.
Some people do pay a ransom and get their data back. As for prosecuting the crooks, that is a tall order. Much of this malware is launched overseas using Tor, an anonymous online network. That makes it difficult to discern who the victim is as well as the attacker – if one of your workers thoughtlessly clicks on a ransomware link, you cannot find, scold or even help that employee any more than you could locate the hacker behind the extortion.3
How do you guard against a ransomware attack? No one is absolutely immune from this, but there are some precautions you should take.
First, back up your data frequently – and make sure that the storage volumes are not connected to your computer(s). Cloud storage or a flash drive that always stays in one of your computer’s USB ports is inadequate. If you back up your files regularly enough, weathering a ransomware attack becomes easier.3
Keep your anti-virus software renewed and up to date. Those alerts you receive about the latest updates? Heed them.
Never click on a mysterious link or attachment. This is common knowledge, but bears repeating – because even after years of warnings, enough people still click on mysterious links and attachments to keep malware profitable.
Ransomware is a kind of cyberterrorism. This is why the Department of Homeland Security issues warnings about it. When you deal with terrorists, playing hardball has its virtues. As Symantec Security Response director Kevin Haley told NBC News: “If none of us paid the ransom, these guys would go out of business.”2
Mike Moffitt may be reached at phone# 641-782-5577 or email: firstname.lastname@example.org
Michael Moffitt is a Registered Representative with and Securities are offered through LPL Financial, Member FINRA/SIPC. Investments advice offered through Advantage Investment Management (AIM), a registered investment advisor. Cornerstone Financial Group and AIM are separate entities from LPL Financial.
This material was prepared by MarketingPro, Inc., and does not necessarily represent the views of the presenting party, nor their affiliates. This information has been derived from sources believed to be accurate. Please note – investing involves risk, and past performance is no guarantee of future results. The publisher is not engaged in rendering legal, accounting or other professional services. If assistance is needed, the reader is advised to engage the services of a competent professional. This information should not be construed as investment, tax or legal advice and may not be relied on for the purpose of avoiding any Federal tax penalty. This is neither a solicitation nor recommendation to purchase or sell any investment or insurance product or service, and should not be relied upon as such. All indices are unmanaged and are not illustrative of any particular investment.
1 – rackspace.com/blog/dont-be-held-hostage-by-ransomware-hackers/ [1/15/15]
2 – nbcnews.com/nightly-news/security-experts-you-should-never-pay-ransomware-hackers-n299511 [2/4/15]
3 – tinyurl.com/n3rcrsm [12/8/14]