What You Need to Know About Ransomware

There have been several outbreaks of “ransomware” over the past few months. This type of malware will encrypt all of your files, and then prompt you to send payment electronically to get your files back — holding them for ransom. The sources of these attacks are hard to track down, so if someone can successfully get their attack out there, they stand to make a fair amount of money. For that reason, I don’t expect that we’ll see an end to ransomware anytime soon.

The systems that are most vulnerable to these attacks are running older versions of Windows that haven’t been updated with all the security updates that Microsoft has sent out. There are a surprising number of these systems out there, in organizations that have chosen not to update, primarily because of the cost of maintenance.

Even though newer versions of Windows (Windows 8 and 10, specifically) are less likely to get infected by the recent ransomware, it’s extremely likely that someone out there is trying to find a new weakness in all the popular computer operating systems — both Windows and Mac — to exploit for this purpose.  If there’s money to be made, someone is going to try.

With that in mind, I’d like to suggest three things that can help protect your computers from these kinds of attacks. They’re not new ideas, and they’re not just related to ransomware protection, but if you haven’t given them some attention in a while, it’s time to do so.

System updates

Microsoft sends out regular updates to Windows via Windows Update, and it’s important that you make sure your system is set to download them, and either automatically install them, or notify you that it is ready to install them. Here is a short “how-to” on setting up Windows update.

Apple also updates macOS (or Mac OS X, prior to the “Sierra” version), and your computer can automatically download it, but it will always notify you when updates are available, so you can plan when to install them. Here’s a quick cheat-sheet on how to set it up.

Protect your system with antivirus/antimalware software

Built in to Windows 8 and 10 is Windows Defender, and while it’s nice to have a good free solution from the folks who make the operating system, I don’t think it’s good enough to be used by itself. But for that matter, I don’t think any antivirus program is. You need one antivirus program that is running all the time, watching your system for problems. Then you need a second one that you will use periodically to catch anything that might have gotten by the first one.

If you need to save money, get the free version of AVG antivirus; if you want great antivirus software, I recommend ESET Antivirus. And in either case, get the free MalwareBytes, and use it to scan your computer every week or so.

While Macs are far less likely to get viruses (for several reasons I won’t go into here), it’s not true that they never get infected by malware of various kinds. It’s worth your time to at the VERY LEAST, get the Mac version of MalwareBytes and use it on a weekly basis to make sure your system isn’t compromised. To make sure you have full-time protection, there is a free version of AVG for Mac, and ESET Antivirus is also available, for a great product, with excellent support.

Get your backups in order

Backups are insurance against the failure of your computers or their storage devices. Computers DO crash, and hard drives DO fail. Backing up your data makes copies in more than one location, so that when a crash happens, you can get your data back.

For Windows computers, use File History to actively back up files as they change. You connect an external drive or a network drive, and then set Windows File History to use a folder on that drive to keep your backups.

On Mac computers, use Time Machine to backup to an external drive or network location. Time Machine takes periodic snapshots of your files, keeping track of changed files as you go.

If you have several computers in an office, you can use a Network-Attached Storage device, or NAS, to create a location where everyone keeps their data files. Then you attach a large external drive to the NAS for local backups of that data. Synology makes their DiskStation line of NAS devices, and they work great as office file servers and as destinations for both File History and Time Machine, as well.

So that takes care of backing up locally, but you really need to have another copy of all of your files in another physical location, so that if your home or office has a disaster, your data is still safe. This is where “the cloud” comes into play. There are several great ways to back everything up to the cloud, whether your data is on a Mac, a Windows PC, or a NAS. Backblaze is one of the leading cloud backup services, and their technology can’t be beat.

It’s also important to know how to get your data back when you need to. Whatever system you use, get familiar with the process of restoring your data. And then periodically restore some data, so you can make sure the backups are doing what they’re supposed to.

 

What’s your strategy?

 

Do you have other ways that you protect your data, and keep your technology safe? Whether it’s for business or individual use, feel free to share it with me, or ask questions about any tech-related issue. Use the “Contact Me” link on this page to let me know.

Automatic Updates for Mac computers

Keeping your Mac updated with security fixes is one good way to help your system continue to stay free from malware. Even though it’s rare on Macs, the potential for malware is there, and we’re seeing more attacks as time goes on. Here’s how to set your system to let you know when updates are ready to install.

  • Under the Apple Menu, go to “System Preferences”
  • Click on the “App Store” icon
  • Check the boxes for all of the following:
    • “Automatically check for updates”
    • “Download newly available updates in the background”
    • “Install app updates”
    • “Install OS X updates” (or “Install macOS updates” for Sierra and later)
    • “Install system data files and security updates
  • Look at the “Last check was…” date; if it’s been a while, click on the “Check Now” button to get new updates

When your computer has downloaded new updates, you’ll get a notification to let you know. You can then go into the App Store app click on the “Updates” icon at the top, and apply any updates that are available.

Windows Update Settings

Many ransomware and spyware programs get into your computer by exploiting vulnerabilities in the operating system. One thing that can help protect your Windows system from malware is making sure that Windows Update is working and applying security updates and bug fixes from Microsoft.

Here are the best settings for Windows Update on Windows 10, Windows 8.1, and Windows 7. (If you are still using Windows XP or Windows Vista, my advice is to upgrade to Windows 10. If your computer is too old to run Windows 10, seriously consider replacing it soon.)

Windows 10:

Microsoft has made Windows 10 to be fairly assertive about always installing Windows Updates, so if you do nothing, it will download and install updates on its own — even in the middle of the day. It’s a good idea to set it so that it does its updates and restarts when you’re not using the computer. Do this by setting your active hours, and also set Windows Update to finish updates when you’re not there to sign in. Here’s how:

  • Select the Start button, select Settings -> Update & security  > Windows Update
  • Click on the “Change active hours” link
  • Set the start and end times to reflect when you’re most likely to be using your computer
  • Click “Save”
  • Now click on “Advance options”
  • Make sure the checkbox for “Use my sign in info to automatically finish…” is checked.

 

Windows 8.1:

The 8.1 update to Windows fixed a number of interface problems with Windows 8. Oddly, the update to 8.1 doesn’t come via Windows Update, but through the Windows Store. The procedure for doing this update can be found here. Then follow the procedure below.

  • On the keyboard, hold down the Windows key and “C” at the same time to open the sidebar on the right side of the screen
  • Click on “Settings”
  • At the bottom of the Settings panel, click on “Change PC Settings”
  • The PC Settings screen will open; In the left sidebar, click on “Update and Recovery”
  • In the Windows Update screen, selct “Choose how updates get installed”
  • The “Important updates” drop-down menu at the top has four options; pick one of the first three — my recommendation is “Download updates but let me choose whether to install them”
  • Check the boxes for “Recommended updates” and “Microsoft update”
  • Click “Apply”

 

Windows 7:

Microsoft release Windows 7 in 2009, and replaced it with Windows 8 in 2012, so as these things go, it’s getting a little old. However, it is still supported by Microsoft, and by nearly all software publishers, so there’s no immediate rush to upgrade. Here’s how to manage Windows Update:

  • Select Start->All Programs->Windows Update
  • Click on the “Change settings” link in the left sidebar
  • The “Important updates” drop-down menu at the top has four options; pick one of the first three — my recommendation is “Download updates but let me choose whether to install them”
  • Check the box for “Give me recommended updates the same way…”
  • Check the box for “Give me updates for Microsoft products…”
  • Click “OK”