JAPANEUR

View Original

How ransomware Destroys your family photos.

Imagine you are just sitting down at your computer after the kids finally go to bed. You want to check email and maybe send a few photos to friends. Suddenly you lose mouse control. Your computer seems like it’s malfunctioning, but then it reboots and there’s a screen that blocks your login. It says: Pay us $1000 right now if you ever want access to your files again. There’s a link to pay them with Bitcoin, but you don’t know what to do. So you call the IT consultant you’ve used in the past.

“There’s nothing you can do,” she says. “If you pay them, like a lot of people do, you still won’t get your data back.”

It’s beginning to sink in. You just lost access to all the files on your hard drive. Your Quicken financials, all those letters you wrote. You rack your brain trying to remember what the PDFs and other documents were. Tax returns. You can get copies of them again, but how many hours will you need to be on the phone with the IRS? Wait. Pictures. All of those pictures that were saved on the computer.

Everything is gone. That’s what ransomware does.

What is ransomware?

Ransomware is malware, software that invades your computer, either delivered via email or by visiting a web site that has been infected, or even more simply just being turned on and Internet connected. It invades your computer and locks all the files with an encryption key. Then it demands that you pay a ransom in order to get the key that will unlock your file. Backups can sometimes help you recover, but not always. Ransomware often infects your backups, so even after tremendous effort restoring, the ransomware can take over again.

Ransomware attacks were way up in 2019, and they continue to rise. Hundreds of millions of attacks have been reported globally, and the payouts range between $500 and $50,000. Those paying the ransom almost never see their files again, and paying the ransom only encourages the criminals to keep going.

Why ransomware is becoming a bigger problem

Ransomware has always been a problem, but up until recently it was still a relatively minor issue. In the past three years ransomware has exploded. The reasons for this are economic, social and political. Ransomware is good business for thugs and criminals simply because people pay. Then there’s terrorism. Ransomware causes chaos, and as we head into the 2020 election, it’s a real concern that bad actors, government-backed or otherwise, attempt to mess with our election.

Ransomware is getting worse and it’s getting smarter

I have an extensive background in tech, with dozens of certifications in Apple Mac, Windows, networking, backup management and more. I consult for people including business owners and executives who need their tech to work extraordinarily well. In my experience, Microsoft Windows-based computers are much more likely to fall victim to ransomware than Apple Macs, but Macs are not entirely out of the woods. The traditional measures taken to mitigate ransomware on both Apple and Microsoft platforms has been to install antivirus and anti-malware software, keep you machine backed up, then keep your fingers crossed.

You notice I said mitigate above, not prevent. That’s because so many new ransomware attacks are surfacing with such frequency that the antivirus companies can’t always update their software fast enough to roll out updates to everyone in time. If the ransomware gets to you before the antivirus update, that’s it. Also, a lot of ransomware is now smart enough to embed itself in your backups, which means that restoring from a backup may not be enough.

A strategy - not tactics - for protecting yourself against ransomware

If you’ve read my blog before, then you know I’m a fan of Google. I should make it clear right now that I am objectively biased toward Google. Besides the more direct reasons that I write about in this blog, I should explain: Google isn’t just a search engine or a browser or gmail. It’s an entire platform that lives in Google’s cloud, and because it lives in their cloud, it’s protected: Every single email, file and photo is scanned for antivirus before it’s uploaded or synced. Google also scans billions of URLs per day looking for unsafe websites, and helps over a billion users by notifying them when a web site may be unsafe, even if it’s a legitimate web site that happens to have been compromised.

The Fit Client approach

When I started discovering how rich and seamlessly connected the Google G-Suite of apps are, I decided to adopt a new approach to computing. I call it the “Fit Client” approach. It’s not a “lean” or “thin” client approach - that’s when a computer has no data on it, and everything is in the cloud. In my case, I still work on a MacBook Pro the majority of my day. Starting a few years ago, I trained myself on using Google Chrome for the gmail interface, as well as Google Docs, Sheets, Slides and Google Drive. And my entire photo library is now in Google Photos, so I no longer use Apple Photos at all, except occasionally when someone shares a photo to me from Apple Photos. Basically, my entire work life is in Google with the exception of pictures and videos. So my Mac’s hard drive basically has applications on it, and the rest of the hard disk is used for processing new photos and videos as I bring them in from other devices.

If my Mac were to get hit with ransomware, the only thing I would lose would be whatever current photo or video editing projects I have on my Mac, but even that data is mostly backed up to the Google Cloud using Google Backup and Sync, which looks at my Desktop and Documents folder and keeps the contents perpetually synced in Google Drive. Here’s the key: If a file I’m working on gets infected, Google will not sync it and will notify me of a problem.

The importance of restore points when you use a Mac or a PC

The final part of my ransomware mitigation strategy is creating what techies types call a restore point. Basically, this means that I make a bootable clone - and exact copy of my computer in its current state - including applications, settings, configurations, EVERYTHING. If my computer needed to be completed erased, I wouldn’t be starting from scratch. The dozens of hours spent setting up my computer just right would be preserved in the clone, so all I would need to do is spend about 15 minutes of hands-on time and maybe an hour or two waiting for my machine to restore back to the way it was when I last cloned it. I use Carbon Copy Cloner to clone my Mac.

I make a new clone about once every three months, or when I realize I’ve made significant changes to my applications and other software.

Less time stressing and more time creating

Between the Google platform and my cloned local platform, I’m in great shape, so I can spend more time using my computer and less time trying to protect it. I still have an off-cloud backup of all my files, but that’s part of my process, not a separate event. I’ll go into that in an upcoming blog post.

If you liked this post, please share it with your network and people you care about.

Also, I’m creating a new hands-on class to teach how to set up your own G-Suite account with Google Photos. If you’re interested and would like to know more, drop me a line here.