The reason behind this type of attack? The perpetrators are using the attack to bully victims into "purchasing back" their data. For a reported $300, if paid within 72 hours, the victims can buy back access to their hijacked data. Unfortunately, not everyone wants to reward this behavior or even has the ability to spend $300 to get their data back. This is especially true for those of us who have taken the time to implement a backup solution for our data. However, what you need to know about this particular attack is that it locks you out of your local drives as well as any attached devices or mapped drives. So, if you back up your data to an attached flash drive or USB device and those are connected to the computer when the computer gets infected, you will also be locked out of all of the files on those devices as well. This, in effect, renders your backup solution useless.
Here are some steps you can take to protect yourself from this and any type of attack:
- Make sure you have antivirus software installed on your computer AND that it is up to date. Having antivirus software without updating it is like having expired car insurance - it will not help you when you need it most.
- Disconnect your backup devices once your files are copied there. If you use flash drives or USB devices connected locally to your computer, make sure you unplug them between backups. This way if your computer gets infected, all the files you have backed up will not be compromised. Alternatively, use more than one backup device and rotate them out to a safe location for a better disaster recovery option.
- Use caution when clicking on links and attachments in emails. I am sure this has been said before, but it cannot be stressed enough because it is one of the most common and easiest ways to compromise your computer system.
- Use an online backup solution. Backing up your data to an online system greatly reduces the risk to your data. Using an online backup service like ours, with plans that start as low as $22 per year, means you can reinstall the software on your system and download the complete set of your data without losing any files.