Ransomware Prescription
Ransomware Prescription: a reader asks…
Ok, now I’m worried. I’m reading about how widespread the ransomware scare is, and how it’s growing exponentially. Today I just read about another one coming that will be even bigger and harder to detect. What should I be doing to protect myself? I have a Windows 10 computer, and run Windows Update automatically.
Just my opinion, but it’s only a matter of time before hackers will engulf the planet in ransomware. It’s too easy to deploy and too easy (with Bitcoin payments) to remain anonymous yet still get paid. So my advice to anyone with a computer is that it is past time to take measures to both defend against attacks and to deal with the aftermath of a successful infection on your computer.
First, the defense: You’re already keeping your operating system up to date, which is a good primary defense mechanism. Add to that keeping all your installed software up to date, especially programs like Adobe Acrobat Reader and Java. Add to that, make it a point to not click on links in email or open file attachments in email. And add another habit: avoid dodgy websites, so curtail your clicking on Google search results willy-nilly. Do all this and you will make it much harder to get infected with malware or ransomware.
Second, you need to back up your computer on a regular basis, and you need to store those backups offline where an infection can’t get to them. A good practice is to do the following once a day, a week or a month, depending on how often you change files on your computer.
1. Plug in an external hard drive, such as a My Passport. Make sure your computer recognizes it and assigns a drive letter to it (so you can see it in File Explorer).
2. Run the backup program(s) of your choice and back up your computer to the external hard drive.
3. When the backups are complete, unplug the external hard drive from the computer.
Rinse and repeat this as often as you like. The important thing is to unplug the drive between backups. Ransomware will search out and encrypt any attached drives on your computer, not just the C: drive. Even network-attached storage drives are vulnerable, so you should connect and disconnect those if you use them.
For #2 above, there are tons of backup programs available, but Windows 10 includes two that you can easily use. The first one is called File History, and you can get to it by searching for “File History” from the search bar at the bottom-left of your screen. Or you can click Start > Settings (the gear icon) > Update & Security > Backup. Turn it on and have the backups saved to the external hard drive. The second one is on the same Backup page: click the link that says “Go to Backup and Restore (Windows 7)”. That opens a new window with two links on the left. Click the one that says “Create a system image” and follow the on-screen instructions to back up your computer’s entire hard drive to the external hard drive.
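The plug in, back up, unplug routine above can also be scripted. This is an added example, not part of the original answer; the volume label "MyBackup" and the choice of the Documents and Pictures folders are assumptions to adjust for your own drive and files.

```powershell
# Added example: the plug in / back up / unplug routine as one script.
# Assumptions: the external drive's volume label is "MyBackup" and the folders
# worth protecting are the current user's Documents and Pictures.
$Label   = 'MyBackup'
$Sources = @("$env:USERPROFILE\Documents", "$env:USERPROFILE\Pictures")

# Step 1: make sure Windows sees the drive and has given it a drive letter.
$vol = Get-Volume -FileSystemLabel $Label -ErrorAction SilentlyContinue |
    Where-Object DriveLetter | Select-Object -First 1
if (-not $vol) {
    Write-Warning "Drive '$Label' not found. Plug it in and run this again."
    exit 1
}

# Step 2: copy into a folder named for today's date, so a later run never
# overwrites the copies made on an earlier day.
$stamp  = Get-Date -Format 'yyyy-MM-dd'
$dest   = "$($vol.DriveLetter):\Backups\$env:COMPUTERNAME\$stamp"
$failed = $false
foreach ($src in $Sources) {
    $target = Join-Path $dest (Split-Path $src -Leaf)
    # /E = include subfolders, /XJ = skip junctions, /R:1 /W:1 = one quick retry
    robocopy $src $target /E /XJ /R:1 /W:1 /NP /NFL /NDL | Out-Null
    if ($LASTEXITCODE -ge 8) {   # robocopy exit codes of 8 or higher mean failure
        Write-Warning "Copy of $src failed (robocopy exit code $LASTEXITCODE)."
        $failed = $true
    }
}
if ($failed) { Write-Warning "This backup is incomplete. Run it again later." }
else         { Write-Host "Backup saved to $dest." }

# Step 3: do not finish until the drive has actually been disconnected.
Write-Host "Eject the drive and unplug it now."
while (Get-Volume -FileSystemLabel $Label -ErrorAction SilentlyContinue) {
    Start-Sleep -Seconds 5
}
Write-Host "Drive disconnected. The backup is offline."
```

The script copies files only; it does not replace the system image described above, which is what a full restore needs.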
Mac users may want to do something similar with an external hard drive – just use Time Machine. Be sure to unplug the drive between backups. I’m not saying that Macs are just as vulnerable as Microsoft Windows PCs are (at this time), just that having a backup is great insurance against the (imo inevitable) successful attacks to come.
If (possibly when) your computer gets locked up by ransomware, don’t pay the ransom. Use your System Repair thumbdrive to boot your computer, and then connect the external hard drive and use the System Restore features on the thumbdrive to reformat your hard drive (erasing everything on it including the ransomware), and restore your system to the most recent backup.
Don’t have a System Repair thumbdrive? You can easily make one: just buy yourself a 16 GB or larger thumbdrive, insert it in your PC, then type “Recovery drive” in the bottom-left search box. That opens a tool to create the USB thumbdrive recovery media. Follow the on-screen instructions to create that USB repair tool. Be sure to mark the thumbdrive and keep it in a safe place in case you need it.