International intrigue visited Franklin recently in the form of ransomware on the village computer.
Ransomware is a form of computer hack or malware attack that scrambles (encrypts) data, making it unusable. In order to unencrypt the information, ransom must be paid. This scrambling or encrypting is reversible with a correct password, which is realistically impossible to guess, and can only be provided by the attacker/hacker.
Typically, extortionists demand payment in exchange for the password, which will unlock the files. The payment is in the form of an untraceable currency, such as Bitcoin or other cryptocurrency.
Trust is an issue in all ransomware cases because paying the ransom does not guarantee that the victim will receive the password to unscramble their files. But even criminals realize that no one will pay if the probability of getting the files back is low.
In the Village of Franklin case, the files were restored. The Village has also contracted with professional support to ensure that this is unlikely to happen again. (For the purpose of this article, we reached out to their computer support for this incident to get more details, but have not heard back.)
Could this happen to you or your organization? And can you prevent it?
Currently, the primary targets of ransomware are small municipalities, health care facilities, small businesses and organizations – in short, groups who have valuable data and enough money to pay some ransom, but may not be able to afford a sophisticated IT department that would help to avoid or mitigate an attack of this kind.
So, while individuals have been, and continue to be targeted, there’s usually more money to be made from extorting small businesses, municipalities or organizations, so individuals are less likely to be targeted. Regardless of your situation, with some planning, an organized backup system with multiple backups not connected to the network can help minimize the damage.
However, individuals continue to be barraged by computer malware not involving ransom, and we all need to be increasingly vigilant about protecting our computers and personal data. Though a full discussion is beyond the scope of this article, a few quick tips are:
- don’t click on links in email unless you are very sure of their origin
- don’t open attachments from people you don’t know
- be skeptical of email that purports to come from someone you know but doesn’t look right. It’s often best to call the sender to confirm that files were sent.
- never click on a popup that declares they can help you clean up your computer; force quit the app if you can’t get out any other way; an “X” to close a window in such a case may very well initiate a malware infection.
- make sure security patches are applied to your computer.
Helen McLean and Bill Gruber provide a range of technical and computer services and advice to individuals and companies in the Franklin area.