A Ransomware Short Story: Family Pictures Lost In A Click
I was checking my emails and I was happy to see one from my good friend Dave. It read: "I thought you might like this: https://www.amazonn.com/…" Anticipating something funny (we always played jokes on each other), I chuckled as I clicked the link.
The page was taking forever to load, and I started to get frustrated.
While waiting, I noticed the Windows balloon notification at the bottom right of the screen, a constant nagging reminder that I need to update Windows.
"I don't have time for this!"
And I impatiently closed the notification.
"It has been a few months since I updated. It's going to take forever for them to install."
"Finally! The page has finished loading."
It was a page for a funny looking toaster.
"How odd. He must have sent me the wrong link."
"Honey! Do you remember that funny picture we took last summer by the lake? Let's look at it, I was going to print it out so we could frame it, and I could use something funny after looking at this stupid email. What folder is it saved under?"
After several minutes of searching, I found the picture and double clicked it.
"What is this?!"
An image of a lock appeared instead of the photograph.
"Let me check my other pictures."
"What?! They all have it! $350 to get my files back!"
"OK. Calm down." Sigh. "The picture is backed up on my external hard drive."
"What?! It's locked there too?!"
I started hyperventilating and shaking. It felt like my whole world was falling apart. All my files, gone!
Then I remembered my pictures were on Dropbox. I saw that my most recent pictures were there. At least those pictures had version history up to 30 days so I was able to recover those files. But the picture I wanted to see was not on Dropbox because I ran out of space. I had moved those files from Dropbox to my external hard drive.
I got so mad that I swung at the first thing within reach. A spindle of blank DVDs went flying across the room. Ironically, those blank DVDs could have saved my files from ransomware.
Lessons from the Story
This story is fiction, yet it depicts scenarios experienced by many every day as ransomware is on the rise. Let's go through it step by step to identify what went wrong and how it might have been prevented.
The main character clicked on a link within an email. That is an easy trap commonly used because it still works.
The link was for Amazon with an extra "n". Had the main character noticed that, he or she may not have clicked the link. The link text could also have said Amazon while actually going to Amazonn. Another trick is character substitution, like Arnazon.com, because your eyes may automatically connect the "r" and "n" to become an "m".
Verify the link by hovering over it or right-clicking it on a desktop, or by pressing down on it for 3 seconds on a touch device, to get the link. Copy the link and paste it into your search engine's search box. If the search results look weird, it is probably unsafe. Also be careful clicking on shortened or tiny URLs.
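The two tricks described above (an extra letter, and "rn" read as "m") can be checked mechanically, as can a link whose visible text differs from its real target. This is an added example, not part of the original article; the trusted list, the look-alike table and all function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist for this example; use your own list of sites you rely on.
TRUSTED = {"amazon.com", "dropbox.com", "google.com"}
# Character sequences that read as a different letter at a glance (assumed, partial).
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))

def registrable(url):
    """Last two labels of the host. Simplified: ignores suffixes such as co.uk."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return ".".join(host.split(".")[-2:])

def skeleton(domain):
    """Collapse look-alike sequences so 'arnazon.com' compares equal to 'amazon.com'."""
    for seq, looks_like in CONFUSABLES:
        domain = domain.replace(seq, looks_like)
    return domain

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return (verdict, trusted domain it resembles or None)."""
    domain = registrable(url)
    if domain in TRUSTED:
        return ("trusted", domain)
    for good in sorted(TRUSTED):
        if skeleton(domain) == skeleton(good):
            return ("lookalike-substitution", good)
        if edit_distance(domain, good) <= 1:
            return ("lookalike-typo", good)
    return ("unknown", None)

def link_mismatch(display_text, href):
    """True when the visible text names a trusted site but the real target differs."""
    shown = registrable(display_text if "//" in display_text else "https://" + display_text)
    return shown in TRUSTED and registrable(href) != shown
```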
The main character had been putting off updating Windows. This greatly increases the chances of getting ransomware. The most recent ransomware attacks exploit out-of-date Windows computers (and can also attack Macs, Linux computers, and smartphones).
Make the time to update your devices. Not just Windows, but Adobe Flash, Adobe Reader, Firefox, Java and every piece of software you commonly use. Also delete old software you are not using.
This one is tricky. The main character was doing a good thing by backing up pictures. The downside was that the backup was attached to the computer, which made it vulnerable. Furthermore, the backup drive had the only copy.
It is best to have multiple backups of different types. Back up files to a data disc, thumb drive, or external hard drive (but don't leave it connected all the time) and, if you are comfortable, to a cloud service (e.g. Google Photos or Dropbox). Having three copies of your important files reduces your chances of complete data loss. Open connections to backups mean your backups can also be encrypted, along with thumb drives and any other connected devices.
The main character did not mention if he or she had antivirus software. If not, the ransomware could never have been detected. If yes, it is possible it was off, not up to date, or the ransomware was so new it was unknown to the antivirus software.
It's good to have antivirus software on your computer. You have more than a zero percent chance of stopping the ransomware if you have antivirus versus not having one. However, do your research for the current top-rated software, and only download it from a trusted link or purchase it in a store.
Before You Go
This short novel was written to paint a vivid picture of the effects of ransomware. Simple cyber hygiene can help prevent a ransomware attack.
About the Author
Miguel is a Principal Security Engineer and is the author of the "Serverless Security" book. He has worked on multiple serverless projects as a developer and security engineer, contributed to open-source serverless projects, and worked on large military systems in various engineering roles.
Originally published on Secjuice.com