Ransomware. How do you protect your computer from it?


This topic contains 9 replies, has 5 voices, and was last updated by  tom 11 months, 1 week ago.

  • #404

    tom
    Participant

    My sister told me today that during her last week working in Bratislava, her laptop was encrypted with a demand for £300.

    For her the laptop and contents were not worth the aggro, so she bought a new laptop.

    I, however, have a lot of personal photos and stuff that are, to me, priceless. I also have a bit more kit than an aged laptop that I would struggle to replace at the drop of a hat.

    So, what steps should I take to help me recover should I fall victim to ransomware?

  • #405

    lemming
    Participant

    1. Back it up on an external hard drive.

    2. Keep the external drive unplugged apart from when backing up.

    3. Have an install disc for the operating system.

    4. A preventative measure is to use whitelisting instead of antivirus and to keep Windows up to date.

  • #406

    Liam
    Participant

    The external hard drive backups suggested above will be good enough protection for many people, but do rely on you remembering to plug in the hard drive and run the backup frequently.

    I run software that runs continual backups to my Synology (network hard drive). This software includes maintaining previous versions, so if you accidentally delete/edit a file, it’s easy to go back to a good copy. The Synology then backs up to the cloud, so I’ve always got an offsite copy if the house burns down. Probably overkill for most people, but I’ve got a lot of irreplaceable data and it gives me peace of mind for about £2/month.

    Another solution is software that runs constant backups to the cloud, e.g. Backblaze; this costs more but is easy to set up. Obviously relies on your computer having an internet connection the majority of the time.

  • #407

    lemming
    Participant

    I run software that runs continual backups to my Synology (network hard drive).

    @liam Don’t get too confident in network-connected solutions.

    The ransomware is able to attack any network-connected drives.

    That’s why air-gapped backups are the preferred solution, along with good prevention measures.

    To the OP; there’s no need to buy a new laptop to get rid of ransomware. Provided you have regular OS and data backups, you can restore the laptop. I might be tempted to do a low-level format on the HDD first, though.

  • #408

    tom
    Participant

    To the OP; there’s no need to buy a new laptop to get rid of ransomware. Provided you have regular OS and data backups, you can restore the laptop. I might be tempted to do a low-level format on the HDD first, though.

    Even though my sister is an intelligent individual, she has no desire to learn how to solve such problems.

    As for me, I keep several Acronis mirror images of my operating system in different states, from a virgin state to one with every app and antivirus I can think of.

    It’s just the backup method I need to understand. And I’d like to learn best practice.

    At the moment I use FreeFileSync to copy my personal stuff to a Synology NAS and an external hard drive. The hard drive lives in an Argos fireproof safe.

    I’ve got Acronis. Should I be using incremental and/or differential backup methods rather than something like FreeFileSync?

    I’m hoping these methods will reduce my risk of losing my family photos.
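Added illustration, not part of any post above and not a feature of FreeFileSync or Acronis: a Python sketch of why versioned snapshots differ from a plain mirror sync. Each run writes a new folder and refuses to run when most previously backed-up files have changed or vanished, so a good copy is never overwritten. The function names, the `snap-NNNN` folder naming and the 50% threshold are assumptions made for this example.

```python
import hashlib, os, shutil, tempfile
from pathlib import Path

def manifest(root):
    """Map relative path -> SHA-256 for every file under root."""
    root = Path(root)
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def changed_fraction(old, new):
    """Share of previously backed-up files that are now modified or missing."""
    if not old:
        return 0.0
    hit = sum(1 for path, digest in old.items() if new.get(path) != digest)
    return hit / len(old)

def snapshot(source, backup_root, threshold=0.5):
    """Copy source into a new numbered folder; older snapshots are never touched.
    Refuse when too many existing files changed since the last snapshot."""
    backup_root = Path(backup_root)
    backup_root.mkdir(parents=True, exist_ok=True)
    previous = sorted(d for d in backup_root.iterdir() if d.is_dir())
    old = manifest(previous[-1]) if previous else {}
    frac = changed_fraction(old, manifest(source))
    if frac > threshold:
        raise RuntimeError(f"{frac:.0%} of files changed or vanished; backup refused")
    dest = backup_root / f"snap-{len(previous):04d}"
    shutil.copytree(source, dest)
    return dest

def demo():
    """Constructed sample data in a temp folder: two normal runs, then a refused one."""
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = Path(tmp, "photos"), Path(tmp, "backup")
        src.mkdir()
        for i in range(4):
            (src / f"img{i}.jpg").write_bytes(b"photo %d" % i)
        first = snapshot(src, bak)                      # initial snapshot
        (src / "img4.jpg").write_bytes(b"new photo")
        snapshot(src, bak)                              # normal change: one new file
        # Stand-in for a machine whose files were all rewritten and renamed.
        for p in list(src.iterdir()):
            p.write_bytes(os.urandom(16))
            p.rename(p.with_suffix(".locked"))
        try:
            snapshot(src, bak)
            refused = False
        except RuntimeError:
            refused = True
        return refused, len(list(bak.iterdir())), (first / "img0.jpg").read_bytes()

if __name__ == "__main__":
    print(demo())
```

A mirror sync run at the same point would have replaced the good copies with the rewritten ones; here both earlier snapshots stay intact for restore.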

  • #409

    lucky
    Participant

    To the OP; there’s no need to buy a new laptop to get rid of ransomware.

    If I ever found a machine of mine was compromised, I would literally destroy it by fire.

    Too many examples of the BIOS being compromised out there, and there are dozens of other subsystems that have their own reprogrammable memories and CPUs inside a typical box, just waiting to be compromised and to hide malignancy in the background.

  • #410

    tom
    Participant

    If I ever found a machine of mine was compromised, I would literally destroy it by fire.

    @lucky Don’t please. Watching Mr Robot gives me the willies as it is.

    When Elliot gets exceptionally spooked, he fries computer chips in his microwave. I know it’s only a drama, but what is he supposed to be doing and why?

  • #411

    lucky
    Participant

    Don’t please. Watching Mr Robot gives me the willies as it is.

    @tom This is the problem – it’s such an overused SciFi trope that nobody takes it seriously any more. There have been reports of evil BIOSs out there using the microphones and speakers to communicate through air gaps.

    When Elliot gets exceptionally spooked, he fries computer chips in his microwave. I know it’s only a drama, but what is he supposed to be doing

    Assuming all power has been removed (including batteries and discharging capacitors), the only reasons I can see to do that are to destroy data contained within them or to prevent them being used anymore. There are probably a dozen or more non-volatile memory chips inside a computer that could potentially be used to store data gathered by a compromised OS for later retrieval (online or physical).

    To give an example, the webcam in 2008 MacBooks has its own embedded tiny computer that controls its power and the “camera is in use” indicator LED. The firmware on this could be reprogrammed (1) to disable the LED. A creative virus writer could use the firmware to store passwords etc. that were logged on the compromised computer. These would persist even after a full HDD reformat, bootloader (formerly BIOS) replacement and OS reinstall. After all that, the camera’s computer could re-infect the main computer. In this case that was possible as the webcam’s computer could be reprogrammed to turn it into an Evil Keyboard that would appear to the OS as a keyboard and type in Evil Commands.

    But it’s not just built-in cameras that connect to the main computer and have programmable firmware. HDDs and SSDs, Bluetooth and WiFi modules, power management modules, some batteries, some external displays etc.

    It’s interesting that Apple are now including yet another processor inside their laptops and future desktops – it runs on Apple designed and controlled hardware and is taking over various responsibilities for system security. It seems they don’t trust the computers they build and program and are now designing to the assumption that the entire system is untrustworthy. This is good practice and a terrifying state of affairs.

    and why?

    He didn’t have a handy supply of thermite…

    https://www.macworld.com/article/2081940/researchers-older-mac-webcams-can-spy-without-activating-warning-light.html

  • #412

    Kerry
    Participant

    Use Linux.

  • #413

    tom
    Participant

    Use Linux.

    If I choose to put Linux back onto my old devices, will this actually help reduce the risk and spread of ransomware on my little home network of computers, tablets and phones?

    The only thing at home which will have Windows will be my desktop computer. I have no intention of using Linux on that simply because I haven’t found anything as good as Lightroom and Premiere Elements for video work. However if there is anything else that Linux can use that is as good as, then I may consider Linux on there as well.