When Your Data Is Held Hostage
The Bencher—May/June 2019
By Kevin F. Brady, Esquire
This is not an email you want to see in your inbox:
Ransomware attacks are escalating and if you think only big companies are the targets, think again. The top targets of ransomware are professional service firms, such as law firms and accounting firms, because they tend to under-invest in IT security, have weak or no backup policies, and have almost no tolerance for data loss. You might be putting all of the data on your computer at risk unless you take steps to avoid this disaster.
What Is Ransomware?
Ransomware is malware or a virus that infects your computer and prohibits you from accessing the data stored there. In this type of attack, thieves attempt to extort money from their victims not by removing data from your computer but by encrypting or locking down the data so victims cannot use it without downloading a “key” from the attacker to unencrypt or unlock the data.
The attacks start out as innocent-looking emails referred to as “phishing emails” because they masquerade as a communication from a company generally familiar to the victim. It is imperative that the victim believe that the email is a valid communication from an authentic and familiar business for the fraud to be successful. The email may reference a problem, such as a security breach, and implore the victim to click on a link and change or verify personal information, such as addresses, financial information, passwords, etc. Once the victim clicks on the link, the individual is redirected to a website that is hosting the ransomware and the virus is automatically downloaded to the victim’s computer without the person taking any further action.
Without access to the key, it is nearly impossible for the victim to gain access to the data. The preferred cryptocurrency for ransomware remains Bitcoin, but privacy-focused coins such as Dash are trending.
To make a bad situation worse, even when you pay the ransom and download the key to unencrypt your data, instead of unlocking the data, new malware might infect your data in different ways (with a subsequent demand for ransom). The FBI will not make a recommendation whether to pay the ransom, and data security experts are split on whether to pay. Everyone does agree that the best approach is to be proactive and take steps now—before any attack—to minimize the risk of loss of your data.
What’s the Answer?
Back Up Your Data Often. It is critically important to back up your data often so that you are never at risk of losing critical information. While creating backups will not prevent a ransomware attack, it will lessen the damage. Experts recommend you back up your data to a local hard drive and store the hard drive at your office or home. If you have a good backup, you have the option to ignore the ransom demand and instead go to an IT professional who can identify and remove the infected files from your computer. You can then replace the infected data with your data from the backup media. If you do not have a good backup, that option is unavailable and paying the ransom may be your only viable option.
Think Before You Click. The user plays a pivotal role in defeating this attack by thinking before clicking. If you are unsure, do not click. Instead, ask your IT department or experienced IT professional for help.
Use Antivirus Software and Keep It Up-to-date. Whether you are talking about a business computer or home computer, make sure you have updated antivirus software.
Hit the “Time Out” Button. If you think you have been the victim of a ransomware attack, disconnect your computer or device from the internet and contact an experienced IT professional for advice. Staying connected to the internet only makes it easier for the attacker to access your information. If you have an iPad or iPhone, put the device in “airplane mode” and the device will be free from external influence.
Kevin F. Brady, Esq. is of counsel in the firm of Redgrave LLP in Washington, DC. He is the immediate past president of the Richard K. Herrmann Technology AIC in Wilmington, DE.