Or, Why You Should Keep Your Computing Devices And Anti-virus Up-To-Date
Even though I’ve talked about ransomware a number of times here in our blog, there were still people who really didn’t understand the term until Colonial Pipeline was hit. At that point, the company shut down their pipelines and they remained closed for almost a week. While the hackers/scammers were only after money, their attack caused effects far beyond cashflow.
Unfortunately, the ransomware attack set off a panic, which in turn caused a gas shortage. The Colonial Pipeline company supplies about 45% of the East Coast's oil and gas, and when people heard about the shutdown, they went crazy. (Anyone remember the toilet paper panic?) People envisioned having no gas for their cars, trucks and lawnmowers, so they filled up every gas container they could. The reactions reminded me of one of the pillars of Social Engineering – panic (and/or fear). Now that the fuel is flowing again, let’s review a few things about ransomware.
The word “ransomware” is a portmanteau of the words “ransom” and “malware.” (Of course, “malware” is a portmanteau of the words “malicious” and “software.”) In simple terms, ransomware is malicious software which takes over a computer or a network of computers and encrypts the files. Additionally, ransomware may steal files as well. The victim is then offered a “key” to decrypt their files and get back in operation. If files were stolen, the victim may also be blackmailed into paying to get them back without their being released.
The Ransomware Target Has Changed
In the very early days of ransomware, hackers targeted people like you and me. The average computer user is a pretty easy target, generally speaking. Some of us will click on any attachments sent in email without thinking! Additionally, many users had adopted the “I’m not doing updates because there’s nothing wrong” attitude. This type of thinking left home and small business computer users as soft targets.
Even though home users are usually easier to hack, very few of us are going to pay $5 million like Colonial Pipeline did. Hackers/scammers aren’t dummies. They soon realized that the potential for hauling in big bucks centered on big companies and not the average home user. Of course, we can’t stop being vigilant in our fight against malware and ransomware just because we don’t seem to be in the line of fire, currently.
What Allows Ransomware Infections?
Analysis of ransomware attacks after the fact shows that companies often become victims for the same reasons home users get themselves in trouble:
- Operating System and App updates are not installed as soon as they become available.
- Anti-virus/anti-malware is allowed to run out or fall behind in updates.
- Separate off-site backups are not kept, not kept up-to-date or never checked to see if they are actually working.
- Computer users are not properly trained regarding email attachments, SMS text messages, Social Media attacks and malicious links – both email and website.
- Computers with defunct operating systems are allowed online. (See HERE.)
- Passwords are insecure or stored as text files on a machine.
- The same password is used over multiple sites.
Some Final Notes About Ransomware
- The FBI and Homeland Security tell companies and individuals to NOT pay a ransom. See HERE. (Note the heading “Reporting Information” which appears on the right near the bottom.)
- I never recommend external drive backup for a variety of reasons including the fact that files on the backup drive can be encrypted along with your computer files.
- Although what these scammers do is discouraging, the computing world and the Internet are here to stay. Instead of packing everything up, get smarter. (You’re on your way because you read this blog!)