How to Protect Yourself as Ransomware Attack Spreads Around the Globe

Cyber Security

Although this latest attack was massive in scope, ransomeware threats often strike the personal computers of individual consumers, too.

Here’s what you need to know and how to protect yourself.

What is ransomware?

Ransomware is a form of malware designed to steal money from individuals, businesses and other organizations by holding their data hostage. Imagine coming home to find a big padlock on your front door and a criminal standing next to it, demanding money to let you in. That's ransomware. Only instead of being locked out of your house, you're locked out of all your personal files. The next time you log on, your computer displays a ransom note saying your data has been encrypted, with instructions on how to pay to unlock it. 

Can hackers really make money doing this?

Oh, yes. Ransomware is big business. Ransoms can range from a few hundred to thousands of dollars and are usually paid in the "virtual" currency Bitcoin, which is nearly impossible to trace. In some cases, the longer you wait to pay, the higher the ransom becomes.

According to cybersecurity firm Symantec's Internet Security Threat Report released in April, the number of new versions of ransomware uncovered during 2016 more than tripled to 101, while the number of ransomware infections the company spotted jumped 36 percent. Verizon's recently released 2017 Data Breach Investigations Report notes that ransomware accounted for 72 percent of the malware incidents involving the heathcare industry last year.

Why is this particular ransomware attack significant?

Friday's attack affected at least 25 of the UK's National Health Service's hospitals and other organizations. But NHS says it was not the specific target of the attack. It does not appear that patient information was accessed, according to the organization, but its investigation into the matter is still in the early stages. Barts Health, which manages a handful of major hospitals in London and elsewhere, also confirmed it was experiencing a "major IT disruption."

The malware arrived in encrypted files distributed by email. Once a computer was infected, the user received a note demanding $300 in bitcoin to restore access to patient information and other data on the device.

British Prime Minister Theresa May called it an "international attack" affecting a "number of countries and organizations." CNN put the figure at 74 countries.

How do you get infected?

Whether they involve a computer nework run by a business or hospital, or just an average person's personal PC, most ransomware infections happen when a user is lured by a bogus “phishing” email to a site that infects his or her computer, or by clicking on an attached file that secretly installs it.

How can you avoid having your data taken hostage?

You avoid ransomware the same way you avoid any malware infection: By being careful. While that's not always easy, there are things you can do to steer clear of problems.

Don’t casually click a link inside an email; instead, type the web address directly into your browser.

Never open an attachment unless you were expecting to receive it and you're certain of what it is.

Don't spend time in the disreputable corners of the internet that specialize in risqué content or pirated movies; you can get infected simply by visiting a dodgy site.

Never install software just because a web site tells you to do it.

And always keep a backup copy of all your personal files on a separate drive or with a "cloud"-based backup service. That way, if the worst happens, you'll always have access to your most important data.