The past couple of weeks have been throwing up scary online-related news where the privacy of users and the safety of their online data has been severely compromised. Most of us are aware of the term ‘hacking’ – where one gains unauthorized access to data in a system or a computer – as has been the case with the app, ‘Zomato’, which underwent a  major security breach with over 17 million user account records stolen. Zomato asked its users to reset their passwords as also change their passwords at all sites where they had re-used the same password. However, a newer malaise that has been the despair of the online user is the concept of ‘ransomware’. IT Consultant, Shahrzaad Parekh, sheds light on this comparatively new online threat and shares some basic safety tips to help avoid becoming the victim of such attacks.

What is Ransomware?

It’s a malicious software (or malware) that first, prevents a user from accessing their files, and then financially extorts the owner of those files to make a payment, in order to regain access to their files. Very often, the ONLY way to recover the files is by paying the ransom, as attempting to guess the password that will decrypt and return your files to you is just infeasible.

How is Ransomware different from other malware like viruses, trojan, etc.?

Unlike earlier instances, now there is a financial incentive for malware authors to write and spread ransomware. By denying access to critical documents, photos, media files and other critical user files, a situation is created, wherein the user will find it far less irksome to pay the one-time ransom to hopefully decrypt the files and regain access, than to attempt recovery.

But I have an antivirus installed – won’t that protect me?

Yes and no! If you have an antivirus/anti-malware product that knows about a particular type/variant of malware and what to look for, you might be protected. However, if you’re unlucky enough to be a victim of a successful new attack that your antivirus software doesn’t know about, then perhaps it won’t be able to protect you.

How can I protect myself against ransomware and other threats?

• Use common sense and suspicion in equal measure – do not open attachments, no matter how genuine they appear to be UNTIL and UNLESS you verify from that sender via some other method (Whatsapp, FB Messenger, SMS, telephone call, etc.) that they have intentionally sent you this attachment. Chances are high, that an infection might hit you by posing as an attachment sent from the email address of one of your known contacts. Be wary of documents and files that are shared via email and also links that appear to be of documents or files hosted on online services like Google Docs or Microsoft Office Online, but actually are not. If it seems suspicious or unlikely that a particular contact would send you that file, first verify the sender’s intent and only then click to open it.
• Use a good, paid internet security product and keep that updated so it knows how to protect you against the newest and latest threats.
• Keep your software, both operating systems as well as programs, updated – software companies like Apple, Microsoft, Google et al frequently release security updates for their products. Ensure that you keep your devices updated. Use only genuine software and NOT pirated software so that you’re able to keep your software updated, if for no other reason now, than to save on paying the ransom (which is often in the region of $300 – $700 or ₹20,000 – ₹45,000) which is usually more than the price of a genuine licence.
• Keep multiple backups of critical files: keep your important files in multiple locations – use an online file storage service like Google Drive, OneDrive, Dropbox etc. as well as an external removable hard disk to store your important documents. Keep different sets of backups, instead of continuously overwriting the same backup set.
• Try to use a user profile that’s set up as an ordinary user with limited privileges and not as a system administrator – this will reduce the amount of damage that can possibly be done.
• Eliminate the use of older, insecure browser plugins of Adobe Flash, Microsoft Silverlight and Java.
• Use an ad-blocker to reduce the probability of an infection hitting you via malicious code in an online advert displayed from dubious sources.
• Don’t plug in USB flash drives into machines that have sensitive data without first running a full virus scan on them.
  Verify file extensions before clicking on them – Cyber criminals are adept at camouflaging files to make them look harmless. The purpose is to get you to click on them and launch a malware infection that will take over your computer. Modify your Windows settings to show file name extensions, so you’ll know to avoid shady formats, like ‘.jpeg.exe’ (which aren’t pictures, but malicious executable files).

If you are the unfortunate victim of a ransomware attack, do whatever you can to avoid paying the ransom, as there’s no guarantee that cyber criminals will give you the decryption key. And last, but not the least, if you’re suspicious, ask a knowledgeable person for their advice on how to proceed in any given situation when it comes to technology and IT safety.