You've likely heard all about "crypto ransomware," or simply "ransomware," a specific type of malware that attempts to hold your digital existence hostage by encrypting personal files and then offering decryption keys in exchange for payment. When the malware first takes root, it shows no outward signs that anything is wrong. Only after the malware does its nefarious work in the background are you presented with the ransom, typically via demands for Bitcoin or other forms of digital currency.
Some early ransomware was riddled with software bugs that made it possible to recover encrypted files that had been held hostage, but newer variants that use robust symmetric and asymmetric encryption are much more troublesome. (Symmetric encryption is typically used to rapidly scramble files, and the asymmetric encryption can then be applied to the original symmetric keys so data can only be recovered by cybercriminals with the appropriate private keys.)
Some of the latest ransomware variants are also designed to punish payment procrastination, and they double or triple their ransom demands as stipulated deadlines pass. The ransomware threat is very real, but proactive individuals and organizations can protect themselves.
Protection against ransomware attacks all about backups
Fortunately, it is relatively easy to duplicate corporate files, and regular, systematic backups are an effective strategy to combat ransomware. Of course, backups are useful only if they're created before a malware attack, so it's a good idea to immediately and regular backup important files.
Unfortunately, simple file backups aren't always enough. Some backup implementations are vulnerable to crypto malware, and backup archives can also be encrypted by cybercriminals. Some cloud-based file synchronization services replace good files with corrupted versions. So the capability to roll back to specific points in time for data recovery, and the duration of time backups are stored — as well as the amount of time and resources it takes to access stored files — should be crucial considerations for people and organizations that want to prevent ransomware complications. Though none are flawless, these three backup strategies can help you protect yourself and your organization, and prepare for ransomware attacks.
1. Battle ransomware with dedicated backup software
The simplest way to prevent ransomware attacks is to regularly backup all of the important contents on your PCs. Dedicated backup software makes full copies of hard disk drives and stores them on some external source, usually a storage drive that is disconnected and purposefully kept offline following backups. Some newer cloud services can also make point-in-time backups that are stored on external servers, and they offer a similar level of protection.
Creating full backup can be time-consuming, but it's often the best option, because any and all compromised data can be recovered from such backups following a data disaster. And total storage space shouldn't be a significant concern, as subsequent backups only capture incremental changes since the previous backup.
Sign up for Computerworld eNewsletters.