Tehachapi's Online Community News & Entertainment Guide

Ransomware

Tech Talk

Ransomware is one of the biggest and fastest-growing threats online. The year 2020 saw a massive spike in ransomware attacks and the amount of money paid out to criminals.

Quick refresher: Ransomware is malware or malicious software.

Malware can damage your computer or your files. Computer viruses, worms, trojan horses and spyware are all considered malware. I think any program that advertises itself as free and then makes you pay for it once it's installed on your computer is malware, too. But, that's just me.

Ransomware encrypts your files – your pictures, documents and videos. You can still see the files, but your computer can't open them anymore. The ransomware demands payment for a key to decrypt your files. Without the decryption key, your files remain scrambled and useless to you. Because the criminals require payment for the decryption key, that's a ransom demand. Ransom plus malware equals ransomware.

A recent example is the Colonial Pipeline hack. The hackers got inside the corporate network and encrypted the billing records for the company. Understandably concerned about billing people for the fuels the pipeline was delivering, the company paid the ransom and received the decryption key. They also halted all pipeline operations, worried that the hack might get into their separate operations network.

If the company paid the ransom, why did it take so long to get everything back up and running? The decryption key Colonial bought from the hackers was so slow, it was faster for the company to restore the encrypted files from company backups.

Even though you're not a multi-million dollar company, you might find yourself plagued by a ransomware attack. The good news is Windows 10 has built-in ransomware protection. Microsoft calls its ransomware protection Controlled Folder Access, and it works by, well, controlling access to your folders. If the ransomware can't access your folders, it can't encrypt what's in them. The bad news is you'll have to run the search yourself. Here's how.

In the Windows Search bar, type "ransomware" and click on the Ransomware Protection search result. Or you can click on Start > Settings > Update & Security > Windows Security > Virus & Threat Protection and scroll down to Manage ransomware protection.

If you have games or apps that need access to specific folders in your Users folder, you can permit access on this screen.

NOTE: If you use any third-party security software on your computer, you won't be able to turn on the Controlled Folder Access setting for real-time scanning of the files on your computer. It should still work on your cloud-enabled drives.

To protect yourself from ransomware attacks:

Do your Windows Updates. Think of software updates for your computer like a recall notice for your car. Somebody fixed something that was broken and wants you to have the fix.

Make backups. Back up everything in your Users folder to an external hard drive and keep that drive unplugged from your computer when you're not backing up. Or sign up for an online backup service like Carbonite, Mozy or Crashplan. They all keep backups of your files for thirty days, so you can always go back and restore any encrypted files if you get attacked with ransomware.

Q and A

Q: How did the computer hackers get away from the scene of the crime?

A: I think they just ransomware.

Do you have a computer or technology question? Greg Cunningham has been providing Tehachapi with on-site PC and network services since 2007. Email Greg at [email protected].