Cybersecurity Basics:
Protect Your Files With Off-Line Backups

Protect Your Files

Patching, or applying updates, protects your computer — the operating system and programs. Now we need to protect the data, your personal files and pictures and so on.

My investigation of a "Police Scareware" or "Extortionware" attack

"Crypto-locker" attacks are common. Some take the form of "scareware" or "extortionware". Generally speaking, the exploit goes like this:

The user wanders into a bad corner of the Internet using an unpatched browser. Remember how I told you to update everything earlier?

They were enticed to look at the page through some clickbait about a funny video, or something amazing or outrageous or tempting, or, quite often, promises of porn. The malicious page may have actually contained a funny video, or a cute animal, or an embarrassed cheerleader, or naked people, but it also included some malware that took over their unpatched browser or video player.

The malware then encrypts or deletes all their data.

There goes every picture and every video and every file they have. All of their work. Every priceless picture and video and message from loved ones.

All they have left is a message in somewhat broken English claiming that if they pay from a few hundred to a few thousand dollars to some account in far eastern Europe, they may be able to get their pictures and videos and messages and work back again. The "scareware" or "extortionware" version adds the twist of claiming that national law enforcement has "seized" the computer for illegal activity.

If they simply had made backups, this would only be a minor annoyance.

And if they had kept their system up to date, it shouldn't have happened at all.

In Case of Emergency

No More Ransom Ransomware Prevention Advice

If you do get hit with ransomware, there may be a simple fix. Free ransomware decryptors are available.

The No More Ransom website is an initiative by the National High Tech Crime Unit of the Netherlands' police, Europol's European Cybercrime Centre, Kaspersky, and McAfee. In its 5th year of operation it had 121 tools that handle 151 varieties of ransomware.

Don't casually rely on these tools, assuming that they will fix any problem. But be aware of them just in case.

Protect Your Backup

The critical detail here is to keep your backups off-line. Don't leave them on an external disk connected to your PC. The crypto-locker malware immediately encrypts or deletes everything that it can find.

Copy your valuable data onto an external disk, and store that disk in a fireproof box.

How often should you do this? Do it once a year if you figure you can stand to lose the past year's data. Do it more often to further limit loss.

Be careful: Make sure that you haven't been hit by a crypto-locker before making a backup copy, as the new copy will just be a version you can't use. If you have been hit by a crypto-locker, you need to recover data from your previous backup. Yes, this happens to people. Update your systems, and enable antivirus software. And try to resist that clickbait.
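
One way to run that check before copying anything, as an added example that is not part of the original page: it tests whether pictures and documents still begin with the byte signature of their file type, which files overwritten with encrypted data generally will not. The function names, the 5% threshold and the ".locked" sample extension are assumptions made for illustration.

```python
import os
import tempfile

# Leading bytes ("magic numbers") of some common personal file formats.
MAGIC = {".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff",
         ".png": b"\x89PNG\r\n\x1a\n", ".pdf": b"%PDF-",
         ".docx": b"PK\x03\x04", ".xlsx": b"PK\x03\x04", ".zip": b"PK\x03\x04"}

def scan(root):
    """Return (checked, suspicious) for files of known type under root."""
    checked, suspicious = 0, []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            stem, ext = os.path.splitext(name.lower())
            if ext not in MAGIC:
                # A renamed file such as photo.jpg.locked still shows its old type.
                if os.path.splitext(stem)[1] in MAGIC:
                    checked += 1
                    suspicious.append(path)
                continue
            checked += 1
            try:
                with open(path, "rb") as fh:
                    head = fh.read(8)
            except OSError:
                head = b""  # unreadable files count as suspicious
            if not head.startswith(MAGIC[ext]):
                suspicious.append(path)
    return checked, suspicious

def safe_to_back_up(root, max_bad_fraction=0.05):
    """False when too many files no longer look like their own type (assumed threshold)."""
    checked, suspicious = scan(root)
    return checked == 0 or len(suspicious) / checked <= max_bad_fraction

def demo():
    """Build two constructed sample folders and check each one."""
    with tempfile.TemporaryDirectory() as good, tempfile.TemporaryDirectory() as bad:
        for name, head in (("a.jpg", MAGIC[".jpg"]), ("b.pdf", MAGIC[".pdf"])):
            with open(os.path.join(good, name), "wb") as fh:
                fh.write(head + b"constructed sample data")
            with open(os.path.join(bad, name + ".locked"), "wb") as fh:
                fh.write(os.urandom(32))
        return safe_to_back_up(good), safe_to_back_up(bad)

if __name__ == "__main__":
    print(demo())  # run safe_to_back_up() on your own folder before copying
```

A passing result only means the files have not already been altered; it says nothing about whether malware is present but has not yet acted.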

I keep duplicate copies of important data (pictures, work documents) on my desktop and laptop. When I get back from a trip, maybe to the coffeeshop, or maybe to another state or another country, I copy all the new files from my laptop to my desktop. Then I copy everything to an external disk every 6 to 12 months.

It's easy and cheap to use an external disk and a fireproof box.

Cloud Storage

There are a lot of cloud storage services for backup. These are more complicated, really beyond the scope of this page.

Don't rely on free cloud storage offered by your Internet service provider. That might work out just fine. But, there are many examples of companies that offered free or extremely cheap online storage, and then took it away with very little notice.

Also notice that Windows has an easy interface for backing up data:

Backing up data: Windows 10 Settings > Update and Security > Backup
