General discussion

Ransomware: How do you prevent it from happening?

Question:

Ransomware: How do you prevent it from happening, and if you were held up, do you pay?


I've been seeing a lot of news headlines about ransomware in which I think it is when a hacker gets into your computer and puts a lock on it so that you can't do anything on it and demands a payment of a specific amount or else your computer will remain locked or will be wiped clean. Am I correct or is there more to it? This has me a bit concerned. Even though my computer doesn't hold top-secret materials, I still don't want to get caught in this mess. So how would one go about preventing this type of ransomware from being attached to my computer? Is an antivirus program good enough to keep this from happening? If not, what should I have installed to prevent this? And out of curiosity, if this were to happen to you where your computer were held up for ransom, would you pay up? Why or why not?

--Submitted by Steven H.
Comments
- Collapse -
I don't have this problem as a possibility. I use Linux.

Friends have had various issues, viruses, trojans etc. The funniest was a hoax that "Scanned my file system" and showed dozens of threats in my Windows file system and wanted me to pay for a fix. With Linux, none of these directories existed. It was a video created to scare you. If I was running Windows, anything I did would have loaded the virus and show over... Linux can't do everything and has a significant learning curve, but it does 99 percent of what I need. A dual boot solves the other 1 percent. It just works and now there is no way I could ever go back to Windows on a permanent basis. I realize that this doesn't answer your question, but I hope to show that there are other options. The 200 million Microsoft viruses don't work here!

- Collapse -
Linux

True, why would anyone write a virus for .05% of computers, like Apple, no one bothers, no one cares

- Collapse -
Uh...about Apple...

Security experts say that now Apple products are the highest item on a lot of hackers' lists, and attacks on them have reached the epidemic level.

- Collapse -
Apples to Apples

Although it is true that more hackers are going after Apple products now, they still are quite reasonably safe when compared to other systems and devices. You just have to follow common sense and use basic precautions. If you use and operate Apple devices as intended and recommended, you should have no problems (or at the least, minimize any problems).

1. Back up your data regularly. If you have Time Capsule (usually with an Apple AirPort wireless router), set it up to regularly auto back up.
2. Even if you have Time Capsule, regularly (I do at least once a month) run Time Machine backups on a portable external hard drive. Keep this drive in another (safe) location, such as at the office, or the trunk of your car. Keep in mind, Apple encrypts your backup, in the event it falls into the wrong hands.
In the event your computer is hijacked, you can restore it from an older backup from before it was taken hostage. Just make sure the threat has been fully neutralized BEFORE you restore it.
3. Always regularly update the security software that is naturally built into Apple operating systems. Even if you don't use iCloud for storage, it is handy for keeping your operating system up to date with the latest security concerns.
4. Try to avoid downloading (or better yet, DON'T download) media and especially software from BitTorrent. Quite frequently they have viruses and/or malware hitching along.

- Collapse -
Time Capsule

Can you Time Capsule backup to iCloud? And if not, how do you assure backup of specific data or all to iCloud? I just purchased an external DVD burner, so I'll finally (don't shoot me) be backing up to disk after owning my new Macbook Air since mid 2014. Yes, it was a risk, one I've not taken before, but I couldn't figure out (nor had time to research fully) how to do it with Time Capsule.

- Collapse -
More on backups

This thread seems to have wandered from the ransom issue, but regarding mimijel's post re backups to an external DVD drive, I hope there's not more than a few Gb of data involved, as a hundred blanks are needed for 470Gb of data. Much better to buy an external hard drive and preferably keep a complete system image on it and if worried about a ransom attack, don't leave it connected when not in use.

- Collapse -
Who'd hack Apple?

It's not cost efficient to try and hack Apple computers. They are a small minority of business computers. However, the Apple phone OS is much different. With smart phones being used for financial transactions and access to financial sites, it's a huge opportunity.

- Collapse -
Apple products - liability

I'd bet they mean iPhones and iPads and not necessarily laptops and desktops with the Apple OS.

- Collapse -
Check out the family tree

MacOS and iOS run on a version of Unix, just like Linux.
And so does Android (and Amazon FireOS, an Android variant)

Linux, Mac, iOS, Unix, Oracle, FreeBSD, Android, Fire, they all are related (some closer than others).

and all are much more secure than Windows.

- Collapse -
...forgot

(where is Edit?)
Chrome OS is also Unix based.

When I say secure, Unix based are harder to crack than Windows, however it still does not prevent the user from being tricked into installing software and scripts.
If one does not install from trusted sites, they run a high risk of getting infected.

Also I have never heard of ransomware on anything other than Windows (on a Mac, if ransom message comes with a dire message, simply quit the browser).

Perhaps on Windows the cure for ransomware is disconnect the computer from network and force quit apps?

- Collapse -
Edit shows when you Preview a post.

Try another post, but click on the red Preview button. You should see the Edit button.

- Collapse -
I know a lot of Apple users..

That have Adobe products, and Java on their Apple devices. They don't keep those updated, and so can be compromised without getting system permissions. There are a lot of other apps just as bad on mobile devices as well.

- Collapse -
A piece of suggestion

It's very true that ransomware malware is infecting more and more Apple users. But, if a ransomware attack is relying on iCloud account access, a two-factor authentication system would be a great line of defense for such issues.

- Collapse -
Linux

Don't bash Linux. I use it also (Ubuntu 14.04 with KDE desktop) and have never gotten any type of virus, malware or anything, and I fix Windows with malware all the time, so bashing Linux does nothing but show your ignorance. Stick to the OP's question instead of bashing someone else's suggestions.

Steven H: Linux is a very good tool for doing things on the INTERNET with much less fear of getting viralized, lol.

- Collapse -
Linux is NOT the answer to the millions of Windows users...

I use a Linux PC for some things (like dodgy web site browsing where such ransomware is far more likely to be found. The ones where even Linux/Firefox gets webpages caught in a loop where you can't close pages). The fact is it now does the basics very well BUT anyone needing to add software and do video editing etc has to go through awkward setup and configuration processes. I hate having to load packages; I hate having to work out what repositories it's talking about updating and why; I hate getting asked which package I want to delete because of incompatibility issues. There is NO WAY your average PC user could be bothered dual booting, or running Wine etc. They, We, want a system that you switch on and it works... like a TV, or Kettle. Windows does it; Linux doesn't and hasn't come close in twenty years.

Until Linux gets streamlined to be as simple as Windows it ain't going anywhere in the home PC market. Most folk have simple browsing needs and don't need half the power they think they do... many would probably be better just using a tablet and a handful of apps.

- Collapse -
Oh, like a Chromebook? Or Android?

Both of which use the Linux Kernel?
Or, try a distro that does all that for you. Or one with tech support (paid) where the company that installed it will take care of it for you?
Or, have you ever heard of the Ubuntu Software Center (I think it's slow and buggy myself, but I prefer using Synaptic, which works nicely even though it has the "faults" of letting you see what's on your system and where it comes from and what version you're using or downloading, which you apparently don't like)?
Nope, not for everyone. However, MOST tablet users as well as phone users.. prefer Linux to Apple OR Microsoft!

- Collapse -
Agree with your title but...

I would agree with your title assertion that Linux is not the answer to a large majority of Windows users and I would suspect from the original post that this would apply to the OP.

While it's true that Linux is inherently less vulnerable than Windows, it was designed from the outset as a networked multi-user system, whereas Windows' origin is as a single user standalone desktop. It was, after all, Bill Gates who, in one of his less insightful statements, opined that the Internet was a fad and would not take off in the user space. Given Mr Gates' overall success, I guess you are allowed the odd mistake!

But that is irrelevant to the issue at hand, people use Windows for a number of reasons, it is the system they use at work, especially in the current growth of BYOD, it's the system that came with the new PC they just bought or it's the system they've grown up with and there is no incentive to embark on learning something else, like Mac OS or Linux or whatever. This majority have a PC to get work done, carry out research or play games, not to use as a computer enthusiast.

Your comments on Linux though, are more representative of Linux past. I investigated Linux 25-30 years ago and at that time, it was a small nightmare, finding drivers and resolving dependencies but it was still a powerful system. Just recently, I revisited Linux and it's almost unrecognisable, the installation on a four year old machine was complete, in about 15 minutes, with all drivers and dependencies resolved. Most software packages could be installed with a single click - to use your wishes - it just worked! The one exception was my Canon scanner but Canon never provide Linux drivers. I used OpenSuSE 13.1 with KDE 4 Desktop - I recommend it.

BUT and it is a BIG BUT, there is a software learning curve, one example, I use Photoshop Elements for photographic manipulation. True, the GIMP will do all of the same things BUT not in the same way. As an enthusiast (albeit with 50 years in the IT industry!) I'm willing to invest in the learning curve but if my next pay cheque depended on it, I might be more circumspect.

But to get back to the issue at hand, protecting against ransomware, there are a few things that can help. One, as many others have mentioned, is to make sure you have a very recent backup of your system and files. If you get hit by an AES encryption attack, there are only two options, pay up (and risk further attacks) or wipe your system and reload from your backup - breaking the encryption is not a viable solution.

The other vital action you can take is not to go online with administrator privileges. Most legitimate systems will request authorization if you don't have the necessary status and you should know what you are doing (you might want to make a specific backup before such actions, which will protect you against the malware and also against new applications/patches that break your system).

Other "must haves" are a fully patched system, a comprehensive security suite or combination of individual components, software firewall, anti-virus, anti-spyware, etc and a router with an enabled and configured hardware firewall (most modern routers have them, so make sure it's turned on and appropriately configured).

PCs will likely always be vulnerable but remember, the biggest security exposure is YOU. Be good and if you can't be good, be careful!

- Collapse -
linux?

"I use a Linux PC for some things (like dodgy web site browsing where such ransomware is far more likely to be found. The ones where even Linux/Firefox gets webpages caught in a loop where you can't close pages)."

So, you consider it more secure. That's good.


"The fact is it now does the basics very well BUT anyone needing to add software and do video editing etc has to go through awkward setup and configuration processes."

You should try Ubuntu Studio then if you've had problems with video editing. It's tailored to those who like doing a lot of that sort of work.

"I hate having to load packages; I hate having to work out what repositories it's talking about updating and why; I hate getting asked which package I want to delete because of incompatibility issues."

Most Linux distros today will update the updater itself, not unlike what Windows does at times too, and when that is done, the needful repositories are updated. You may be referring to using interim distros instead of LTS versions, but that's by choice, not by force. I'm doing that by choice even now with Windows 10 and there's no way I'd expect W10 to be like when the retail version is released, any more than I'd expect Linux versions that are not an LTS release (long term service & support) to be perfectly stable.

As for incompatibility issues, most modern Linux package managers have a 5 level system in which the first 2 levels are completely stable and tested, anything in level 3 hasn't been tested but is believed to be stable and this is where someone KNOWINGLY takes a risk, and then the last 2, which include kernel changes, usually have to be deliberately chosen at each update and are also warned they may make your system unstable or even break it, try at your own risk. Nothing could be clearer! I've never had Microsoft warn me any of their updates might crap my system, even though a few have done it in the past. In fact I got in the habit of letting others be guinea pig on MS updates and then when no outraged screams erupted across the internet, I'd install them.

If by installing packages, you are referring to those who choose to use "source" files and then compile it themselves, then that again is a personal choice and not really necessary for running Linux except in the rarer cases where a particular mod must be created and added to the kernel, and often update to a newer kernel anyway would have avoided that process.


"There is NO WAY your average PC user could be bothered dual booting, or running Wine etc. They, We, want a system that you switch on and it works... like a TV, or Kettle."

WINE again is a choice some like to use for running WINDOWS based programs or games. It's certainly not required and I don't know if any Linux distro even installs it by default. It's like adding any third party software to Windows which you either like or not, that either works the way you want or doesn't meet your needs.

"Windows does it; Linux doesn't and hasn't come close in twenty years."

Windows does it? Not sure to what specifically you refer here, but I can tell you that both Windows and Linux can read and write to FAT16, FAT32, NTFS, file systems, and oh yes, Windows doesn't do EXT2, EXT3, EXT4, Reiser, and a host of other file systems, nor install to any other than FAT and NTFS types, but Linux can install to file systems other than the EXT types. Many types of video and sound files aren't even supported in Windows, some are blocked by DRM, but you rarely run into such a problem using Linux. Linux in a pinch can boot from its installation media and run a full operating system, whereas Microsoft has NEVER done that for ANY of their software releases. I will admit Windows has something that Linux doesn't, such as Product Key requirement, Trial period limit of 30 days and then locked, Activation by internet or phone to complete install, Genuine Advantage which can cripple your system unexpectedly even when you are completely legal on use of their software, requiring more phone fun with Microsoft. Yes, there are some things that Windows has which Linux doesn't.

20 years? Seriously?? Twenty years ago Microsoft was just moving from Windows 3.11 to Windows 95 version A. Why not concentrate instead on the past few years, even 5 years. Remember what happened in browser wars between IE and other browsers? Even though Microsoft shipped with IE browser in it, they barely even now hold onto 50-55%, so I for one won't be surprised if eventually Windows is relegated to half of all home desktop users, because just like those who were years on AOL before moving to the real internet, I know there will always be those who do the same with Windows, and that's OK if they feel comfortable with it, even if not as safe and secure with it.

"Until Linux gets streamlined to be as simple as Windows it ain't going anywhere in the home PC market."

What's more streamlined than the installation media running the operating system direct from the media if the Linux system needs any repair, allowing you to put off that repair till you have a better time to deal with it? Windows won't do that, when it's down, you go nowhere until you can get it repaired, or you borrow a Linux distro on CD, DVD, or USB to use till you can repair the Windows. Programs that Windows and Linux can share are Firefox, IE (surprised on that one?), Thunderbird Email, Chrome, Virtual Box, VLC player, Libre Office, Open Office, Netflix (if you use Chrome or pipelight in Linux), Skype, and all that's not even needing WINE or CrossOver in Linux to run. That's by no means an exhaustive list.

"Most folk have simple browsing needs and don't need half the power they think they do... many would probably be better just using a tablet and a handful of apps."

You are correct, Windows keeps needing more and more power, but Linux often does the same for half as much power (as in resources) used.
- Collapse -
Loop in Firefox ( or any Browser)

Firstly, if you don't have it, get Process Explorer (PE), which is an improved version of Task Manager. Always have it running, minimised to taskbar. If you get caught in one of those loops, open PE to full page, select the browser with the problem, right click on it and select Kill Process Tree and confirm in dialogue box. This will close all browser windows. Restart browser. If, as with Firefox, you get a Restore Session box, uncheck the tab or window which caused the problem. Other browsers may just start a new session. Delete the problem page from your history and all should be OK. Run Malwarebytes Anti-Malware to check. Hope that helps.

- Collapse -
Linux is not as secure as you think.

kcandjim, I also use Linux so I suggest you install "clam" to provide yourself a little protection. Bad stuff is being developed daily for Linux and it is not exempt from getting sick. Okay, Linux is not for everyone, a lot of people drive cars and don't really know anything about them, stop, start, buy gas. Others know how to fix them and make them go fast, just like computers.

A day or two after this was first posted I received an email from AT&T, my DSL provider, and they said that my IP address downloaded Kovter, a nasty little ransomware bug. I assume that the email was real, but maybe not. I checked the addresses and it looks real. Anyway, they provided the partial IP of the destination. Fortunately I use a router behind their modem/router and the IP address is not in my DHCP table, so I don't know where it went...but it went on leaving me behind. The modem/router from AT&T is not really the best so I pass one IP address to my better wireless router. My network is on different IP addresses so maybe that provided some protection, I don't know. Maybe AT&T got a ghost IP report, those Russian programmers are smart buggers.

- Collapse -
you sound very uncertain about it

It may have been a spoof email.

- Collapse -
Ransomware - What I do

It's happened to me a few times. I was poking around on less than savory websites.

It seems to write a cookie on my computer. Sometimes I close the browser (not just the page) and re-start the browser find the cookie gone. Other times I've had to dump the history and/or cookies to clear it. I have yet to run into one that needed more attention than that.

I suppose there might be some out there that would require an anti-spyware/malware application. There are several of these available as shareware. Just download them from reputable sites.

Enjoy!

JPH

- Collapse -
Linux is the answer

Move the un-closeable tabs to the end (or beginning) of the open browser window. Kill the browser. Do not close it properly. Reload the session. You should get a Restore Window. Make sure you de-select the offending tabs.

If there's an easier way to kill a tab from a group of tabs, please let me know!

- Collapse -
No, I would not...

Preventing is not 100% possible, but the following steps will reduce your exposure:
1. Have a GOOD Antivirus/AntiSpyware suite. Purchased A/V Software is generally more thorough and updates more often than the freebies...
2. Learn to say NO to pop-ups and offered downloads. TANSTAAFL (There ain't no such thing as a free lunch): most of the FREE DOWNLOADS at best are just that, free to download, but registration and payment is needed if you want to USE them and at worst are MALWARE or ADWARE.
3. Backup your DATA as appropriate - if it takes longer to retype or re-enter that data than backing it up, by all means back it up. There are only two kinds of people in the world, those that have lost data and those that will lose data!
4. Type your URLs with caution. A misspelled word can send you into a hacker's site and expose you to danger.
5. Avoid downloads and "Free" Software - it's tempting to download that software from a Bit Torrent, but it most often comes with hitchhikers.
6. Avoid "Emotional Reaction" when you get a Warning or a Realistic looking Pop-Up - we all want to remove a virus when warned of it, but some of those pop ups are like a Claymore (Land Mine) and that "Click" means "Yes - I allow you to Infect me." (The entire pop-up could be a YES Button).
7. Paying the Ransom will most likely result in MORE Viruses and is not likely to release your computer. If you are infected, seek a solution on a trusted tech web site OR, if you are not comfortable or able to, take it to a professional.

- Collapse -
free software

Free software is not as bad as the writer suggests. Many firms provide free software for personal use but charge for commercial use. The idea is to get the word out with paying businesses eventually buying in. But it is essential to consider the source and look for verification / review from reputable sites. I have found free software that has been better than some that I've paid for.

- Collapse -
Lots of free windows software out there

has no virus or anything else wrong with it.
SCAN while downloading. Plenty of sites have guaranteed malware-free software, such as the Portable Freeware Collection (where you can download software and run it as portable from say, a flash drive, isolating it from your system as much as possible) or right here at Cnet or ZDnet, or SourceForge or other reputable sites.
If you're not able to write your own little program to say, put the weather on your desktop, downloading one is your only option, but "buyer" beware. Again, USE a reputable download site, and SCAN for malware while downloading using reputable antivirus software (much of which is free, as well, and works better than its PAID sisters, which might take over your system like Norton and slow it down, and make it virtually impossible to remove.)

- Collapse -
Not all guaranteed free sites are free of problems

I stopped downloading software from CNET a few years ago when they started including hitchhikers in their downloads. I installed Conduit by accident with no opt out option. It hijacked my browsers, my home pages, my search engine. It took me hours to get rid of it. A recheck of the install process showed no opt out.

Then, they published an article on how great Conduit is. That's PROMOTING malware. In any case I tried the direct download links and they are not perfect either - probably due to the software publishers trying to make an extra buck.

CNET used to protect us. Now it threatens us. Less work to tack on junk than carefully check their downloads.

The forums are still good and I often follow the discussions but their greatest draw, download.com, is a threat to us all.

- Collapse -
CNET NEEDS to Delete Programs that use HITCHHIKERS !!!!

Yes, CNET NEEDS to do their part in this mess as well !

STOP providing Software downloads that include HIJACKERS !!! ...... DAMMIT !!!

I've downloaded FVD Video player from CNET and now have a very nasty problem. I did report it to CNET and it's still available so YOU can get it too !

Oh, and yes. I do keep my PCs updated very regularly with Security, Malware and Anti-Virus programs.

My wife's PC has that nasty "Media Player12" virus (I'm sure she accidentally hit a popup or something). I have scanned her PC many times and the Malware programs don't do a thing!

The fix to get Media Player 12 off a PC only REINFECTS them !

It's getting so DAMN frustrating using the Internet now with all these SCAMS and how everyone wants you to Subscribe using a Credit Card ! I feel sad for the elderly and those that are easily duped.

Just tired of this Criminal culture of everyone trying to **** you and steal your money. That includes legitimate Retailers! TIRED of the hostile retail environment....... NO Protection for the Consumers.

Only Less regulations for the Big Bankers and Wall Streeters!

Think all that is bad ?? GOOGLE and LEARN what this "TPP" Trans-Pacific Partnership is all about !

Talk about Race to the Bottom!

Sorry....... I'm DONE !

Thank you!

- Collapse -
AdwCleaner would probably have done better..

Wilders Security Forums or Bleeping Computer is a good place to look for anti-crypto locker and other such software.

- Collapse -
download sites

The most destructive virus that ever infected my computer came from a free download from cnet. I no longer use cnet as a download site.
