Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult. — Wikipedia
Ransomware is a hot topic right now, not only in the tech press, but in the mass media too, because of crippling attacks on companies like Colonial Pipeline, which recently found their electronic systems hijacked by profit-seeking attackers. But it’s not just big companies, governments, and hospitals that are suffering from the scourge of ransomware: the bad guys are going after smaller targets, too, including small businesses and home NAS (Network Attached Storage) systems and personal computers.
Though the future that many cybersecurity experts were worried about years ago has sadly arrived, there’s a lot users can do to minimize the likelihood that they’ll become the victims of ransomware. Improving your cybersecurity posture is a very rewarding pandemic-related activity that will leave you feeling happier and healthier. Here are my top recommendations for protecting yourself and your data from threats like ransomware.
1. Backup, backup, backup
If the worst should happen and you do fall victim to malware, you’ll be able to recover your precious data without paying the ransom if you have backups. Your backup strategy should be multifaceted, encompassing both local/onsite and remote backups. For example, you could use Apple’s Time Machine to automatically back up your Mac to a network drive or external hard drive, and you could use Backblaze to automatically back up that same Mac to a remote datacenter. Mobile devices can be backed up, too, using tools like iMazing or Android Debug Bridge. Take advantage! Backups will not only help defend you against the risk of ransomware, but can help you in the event of other catastrophes, like loss/theft or a disaster like a house fire or tornado.
2. Embrace the three big cybersecurity wins
The three big cybersecurity wins are:
- Insist on encryption: Your data should not be stored or transmitted in the clear. You should encrypt your computer, your mobile devices, even your remote backups. Modern operating systems and applications make this fairly straightforward, for the most part. For example, Windows offers BitLocker, macOS offers FileVault.
- Adopt a password manager: It’s better if you don’t know your passwords. That way, they can’t be weak and guessable. Let a password manager generate, store, and autofill your passwords for you. I can’t say enough good things about 1Password, my password manager of choice.
- Deploy multi-factor authentication: From Facebook to Gmail to Twitter and LinkedIn, your accounts should be protected with multi-factor authentication, also called two-factor authentication, or 2FA. You can either use a hardware-based device like YubiKey or an authenticator app like Authy as your second factor.
3. Build a firewall for your whole network
You spend more of your time at home than anywhere else, and it’s also where most of your Internet-connected devices probably are, from your tablet, “smart” TV, Blu-ray player, and personal computers to “Internet of Things” gadgets, if you own any. These all need protecting. A network-based security strategy makes a lot more sense than a device-only strategy, because it’s all-encompassing and doesn’t require any software to be installed.
Firewalla is a really nifty hardware-based firewall. It’s a small box that you hook up to your router. Once you plug it in, it starts watching your entire home network like a hawk, and reports back to you using a mobile app for iOS and Android. It can block attacks, quarantine new devices automatically, and monitor what your vetted devices are doing. It comes in several flavors. The Blue Plus version ($199) is ideal for most home users.
Firewalla also offers ad blocking.
Its ad blocking tech is not as good as Pi-hole’s, but fortunately, if you like Pi-hole and are already using it, or want to use it, it is compatible with Firewalla. The two solutions can be used together. Just tell Firewalla not to monitor Pi-hole, and ensure Firewalla’s ad block tool is turned off.
You can even use Firewalla to set up policies to block social networks and gaming at certain hours if you want to reclaim family time.
Best of all, the team behind Firewalla is actively engaged in making it better. It regularly sees new releases, and you don’t need a subscription to use it. You just buy the hardware once and get free updates from then on.
pfSense, meanwhile, is a great choice for more advanced users.
4. Keep your devices and browsers up to date
New software vulnerabilities are being discovered all the time in all major operating systems and browsers, from Windows to macOS to GNU/Linux distros. It’s important to stay current, and the best way to do that is to turn on autoupdates on your computers and mobile devices.
Unless you’re a disciplined sysadmin who prefers to determine the precise manner and timing in which updates will be installed, autoupdates are your best bet. To reduce the annoyance of autoupdates forcing a system restart, you can set your browser to automatically pick up where you left off (keeping your tabs listed) in the event your machine restarts in the middle of the night.