This blog was written by Bruce Snell.
Ransomware has seen a huge increase over the past couple of years. According to our June Quarterly Threats Report, there was a 113% increase in ransomware over the past year. However, the real indicator for me has been an increase in questions about ransomware I get from people once they find out I work for McAfee. Working in the security industry, you hear these terms all the time, but when my doctor brings up ransomware I know it’s a big issue.
Ransomware is particularly damaging because it can encrypt files on your computer and make them unrecoverable unless you pay a ransom to get them unlocked. It may not sound like a big deal at first, but ransomware typically goes after pictures and personal documents. Pictures from your last vacation, your favorite concert or your kid’s first birthday are all at risk of being permanently encrypted and effectively gone forever.
At McAfee, we believe that people should be able to use a computer, tablet or smartphone without fear of having their information stolen or held hostage. This is why we worked with other organizations in law enforcement and security to form No More Ransom.
This portal was put in place to serve as a way to help educate the public about ransomware, but more importantly, to also offer decryption tools to help people recover files that have been locked by ransomware. On the site (https://www.nomoreransom.org) you’ll find decryption tools for many types of ransomware, including the Shade ransomware.
How Do I Know Which Ransomware I Have?
It can be difficult to know exactly what type of ransomware has infected your system, which is why my favorite feature of the No More Ransom site is the Crypto Sheriff. Aside from being fun to say, the Crypto Sheriff is a tool that helps you figure out which ransomware is on your system. To use the Crypto Sheriff, you upload 2 encrypted files and any email address or website you see in the ransom demand and Crypto Sheriff will provide you with a link to download the correct decryption tool.
An Ounce of Prevention
No More Ransom goes a long way to help people impacted by ransomware, but unfortunately there are still many types of ransomware out there without a fix. If you’ve been infected by one of these types of ransomware the only way to recover from it is to restore your files from a backup. Most ransomware uses encryption that would take years to crack, so unless a decryption key is available there is little you can do to recover infected files. Fortunately, there are some preventative steps you can take to protect yourself from ransomware.
- Update, update, update – Updating your operating system (OS) and applications will go a long way towards fixing the software vulnerabilities ransomware uses to infect your system.
- Use robust antivirus software – Antivirus software can help catch ransomware before it has a chance to infect your system. Remember the tip above and make sure your security software is set to automatically update so you always have the latest protection.
- Be suspicious – Ransomware is often spread by malicious links. Since you most likely wouldn’t click on a link sent by a stranger, cybercriminals will often use phishing emails that appear to be from a friend, your bank, the government, etc to trick you into clicking on a link containing malware. These links can also come from social media or instant messages from friends who have had their account compromised. The bad guys crack your friend’s password and send links pretending to be them.
- Back it up – If all else fails, keeping a backup of your important files can help you recover in case of a ransomware infection. There are plenty of good online backup options, but you can also use a portable drive and attach it when you need to backup. If you use a portable drive, make sure to unplug it when not in use, or it could also be encrypted by ransomware.
Getting infected with ransomware can cause no end of headaches. However, though a combination of preventative measures and the tools available at No More Ransomware you can continue to enjoy your digital life. For more information about ransomware, feel free to take a look at our primer on ransomware.