What You Need to Know About Ransomware

There have been several outbreaks of “ransomware” over the past few months. This type of malware will encrypt all of your files, and then prompt you to send payment electronically to get your files back — holding them for ransom. The sources of these attacks are hard to track down, so if someone can successfully get their attack out there, they stand to make a fair amount of money. For that reason, I don’t expect that we’ll see an end to ransomware anytime soon.

The systems that are most vulnerable to these attacks are running older versions of Windows that haven’t been updated with all the security updates that Microsoft has sent out. There are a surprising number of these systems out there, in organizations that have chosen not to update, primarily because of the cost of maintenance.

Even though newer versions of Windows (Windows 8 and 10, specifically) are less likely to get infected by the recent ransomware, it’s extremely likely that someone out there is trying to find a new weakness in all the popular computer operating systems — both Windows and Mac — to exploit for this purpose. If there’s money to be made, someone is going to try.

With that in mind, I’d like to suggest three things that can help protect your computers from these kinds of attacks. They’re not new ideas, and they’re not just related to ransomware protection, but if you haven’t given them some attention in a while, it’s time to do so.

System updates

Microsoft sends out regular updates to Windows via Windows Update, and it’s important that you make sure your system is set to download them, and either automatically install them, or notify you that it is ready to install them. Here is a short “how-to” on setting up Windows Update.

Apple also updates macOS (or Mac OS X, prior to the “Sierra” version), and your computer can automatically download it, but it will always notify you when updates are available, so you can plan when to install them. Here’s a quick cheat-sheet on how to set it up.

Protect your system with antivirus/antimalware software

Built in to Windows 8 and 10 is Windows Defender, and while it’s nice to have a good free solution from the folks who make the operating system, I don’t think it’s good enough to be used by itself. But for that matter, I don’t think any antivirus program is. You need one antivirus program that is running all the time, watching your system for problems. Then you need a second one that you will use periodically to catch anything that might have gotten by the first one.

If you need to save money, get the free version of AVG antivirus; if you want great antivirus software, I recommend ESET Antivirus. And in either case, get the free MalwareBytes, and use it to scan your computer every week or so.

While Macs are far less likely to get viruses (for several reasons I won’t go into here), it’s not true that they never get infected by malware of various kinds. It’s worth your time to, at the VERY LEAST, get the Mac version of MalwareBytes and use it on a weekly basis to make sure your system isn’t compromised. For full-time protection, there is a free version of AVG for Mac, and ESET Antivirus is also available as a great product with excellent support.

Get your backups in order

Backups are insurance against the failure of your computers or their storage devices. Computers DO crash, and hard drives DO fail. Backing up your data makes copies in more than one location, so that when a crash happens, you can get your data back.

For Windows computers, use File History to actively back up files as they change. You connect an external drive or a network drive, and then set Windows File History to use a folder on that drive to keep your backups.

On Mac computers, use Time Machine to back up to an external drive or network location. Time Machine takes periodic snapshots of your files, keeping track of changed files as you go.

If you have several computers in an office, you can use a Network-Attached Storage device, or NAS, to create a location where everyone keeps their data files. Then you attach a large external drive to the NAS for local backups of that data. Synology makes their DiskStation line of NAS devices, and they work great as office file servers and as destinations for both File History and Time Machine, as well.

So that takes care of backing up locally, but you really need to have another copy of all of your files in another physical location, so that if your home or office has a disaster, your data is still safe. This is where “the cloud” comes into play. There are several great ways to back everything up to the cloud, whether your data is on a Mac, a Windows PC, or a NAS. Backblaze is one of the leading cloud backup services, and their technology can’t be beat.

It’s also important to know how to get your data back when you need to. Whatever system you use, get familiar with the process of restoring your data. And then periodically restore some data, so you can make sure the backups are doing what they’re supposed to.

 

What’s your strategy?

 

Do you have other ways that you protect your data, and keep your technology safe? Whether it’s for business or individual use, feel free to share it with me, or ask questions about any tech-related issue. Use the “Contact Me” link on this page to let me know.

Automatic Updates for Mac computers

Keeping your Mac updated with security fixes is one good way to help your system continue to stay free from malware. Even though it’s rare on Macs, the potential for malware is there, and we’re seeing more attacks as time goes on. Here’s how to set your system to let you know when updates are ready to install.

  • Under the Apple Menu, go to “System Preferences”
  • Click on the “App Store” icon
  • Check the boxes for all of the following:
    • “Automatically check for updates”
    • “Download newly available updates in the background”
    • “Install app updates”
    • “Install OS X updates” (or “Install macOS updates” for Sierra and later)
    • “Install system data files and security updates”
  • Look at the “Last check was…” date; if it’s been a while, click on the “Check Now” button to get new updates

When your computer has downloaded new updates, you’ll get a notification to let you know. You can then go into the App Store app, click on the “Updates” icon at the top, and apply any updates that are available.

Windows Update Settings

Many ransomware and spyware programs get into your computer by exploiting vulnerabilities in the operating system. One thing that can help protect your Windows system from malware is making sure that Windows Update is working and applying security updates and bug fixes from Microsoft.

Here are the best settings for Windows Update on Windows 10, Windows 8.1, and Windows 7. (If you are still using Windows XP or Windows Vista, my advice is to upgrade to Windows 10. If your computer is too old to run Windows 10, seriously consider replacing it soon.)

Windows 10:

Microsoft has made Windows 10 to be fairly assertive about always installing Windows Updates, so if you do nothing, it will download and install updates on its own — even in the middle of the day. It’s a good idea to set it so that it does its updates and restarts when you’re not using the computer. Do this by setting your active hours, and also set Windows Update to finish updates when you’re not there to sign in. Here’s how:

  • Select the Start button, select Settings > Update & security > Windows Update
  • Click on the “Change active hours” link
  • Set the start and end times to reflect when you’re most likely to be using your computer
  • Click “Save”
  • Now click on “Advanced options”
  • Make sure the checkbox for “Use my sign in info to automatically finish…” is checked.

 

Windows 8.1:

The 8.1 update to Windows fixed a number of interface problems with Windows 8. Oddly, the update to 8.1 doesn’t come via Windows Update, but through the Windows Store. The procedure for doing this update can be found here. Then follow the procedure below.

  • On the keyboard, hold down the Windows key and “C” at the same time to open the sidebar on the right side of the screen
  • Click on “Settings”
  • At the bottom of the Settings panel, click on “Change PC Settings”
  • The PC Settings screen will open; in the left sidebar, click on “Update and Recovery”
  • In the Windows Update screen, select “Choose how updates get installed”
  • The “Important updates” drop-down menu at the top has four options; pick one of the first three — my recommendation is “Download updates but let me choose whether to install them”
  • Check the boxes for “Recommended updates” and “Microsoft update”
  • Click “Apply”

 

Windows 7:

Microsoft released Windows 7 in 2009, and replaced it with Windows 8 in 2012, so as these things go, it’s getting a little old. However, it is still supported by Microsoft, and by nearly all software publishers, so there’s no immediate rush to upgrade. Here’s how to manage Windows Update:

  • Select Start->All Programs->Windows Update
  • Click on the “Change settings” link in the left sidebar
  • The “Important updates” drop-down menu at the top has four options; pick one of the first three — my recommendation is “Download updates but let me choose whether to install them”
  • Check the box for “Give me recommended updates the same way…”
  • Check the box for “Give me updates for Microsoft products…”
  • Click “OK”

What’s a DDOS, and why can’t I get to Twitter?

We don’t yet know who is behind today’s massive disruption of Internet services, but it’s pretty clear how they’re doing it. They’re using people’s unprotected routers, smart doorbells, smart thermostats, security cameras, and other “Internet of Things” devices as a zombie army.
 
I’ll give an explanation of what’s going on, but first, let me urge you to make sure that any network-connected devices you have in your business or home network are NOT still using the default, factory-original password, but that you’ve set good, smart passwords for everything. If you do that, it’s less likely your device can be used as part of a “botnet” — a group of devices that have been compromised.
 
There are two main parts to what the attackers are doing. First, these hackers have used programs to rapidly scan through thousands upon thousands of Internet addresses to see if they can find a way into a private network, and into the devices on that network. If these automated hacking programs find networks and devices that aren’t properly protected, they plant their own malicious software on the devices, but leave the devices operating normally, so the users don’t know anything is wrong.
 
Once the devices are compromised, then the hackers send instructions to the malicious software, and tell it to start sending as many requests as it can to particular servers on the Internet, in order to flood those servers with more traffic than they can handle, effectively shutting them down. The term used is a Distributed Denial-of-service attack, or DDOS.
 
In today’s attack the servers that are being attacked aren’t web sites, but DNS servers – Domain Name Servers. They’re essentially directories, matching the names of websites and other servers (like www.<insertnamehere>.com) to the numeric Internet addresses of the actual servers those sites exist on.
 
Here’s an analogy: Imagine a receptionist in a large office building, who is frequently asked by people coming into the building for the office number of one of the building’s occupants. On a normal day, the receptionist gets a few questions an hour, and things go smoothly. Now imagine that for some reason, a hundred protesters crowd the lobby, all asking over and over for office numbers, just to be obnoxious. The poor guy can’t possibly answer everyone effectively, nor can he tell who is one of the protesters, and who is someone who is legitimately trying to find a business in the building.
 
That’s not a perfect analogy, but you get the picture. You’re just trying to use Twitter, or stream some music from Spotify, or connect to the cloud-based system you use to run your business, but your computer’s request for the address of the Internet site is getting lost in the crowd of all the bogus requests from the compromised devices, so it can’t make a connection.
 
The current cyberattacks are being investigated by the FBI and the Department of Homeland Security. I don’t expect they’ll say anything about the source of the attacks until they’ve taken some direct action about it. For now, the company that has been the primary target has taken steps to protect themselves. However, it’s not likely that this is the last time we’ll see such a widespread disruption.
 
Update your passwords, folks! Don’t know how? Feel free to use the contact form here on my website to ask any questions you might have.

MacKeeper Isn’t Worth Keeping

MacKeeper is a program that bills itself as a utility to help you keep your Mac running smoothly. Originally, it was a good program. The publisher showed up at all the Mac-oriented trade shows, and the program was given high marks by the tech press for its usefulness and design.

Then it changed hands; the original publisher sold it off to another company, which had different plans. While they retain some of the functionality of the program, and have continued to add features (though these features aren’t really helpful), they’ve also made it an advertising tool, delivering intrusive popup ads to users’ web browsing. Instead of speeding up your Mac, it can actually slow it down.

If you have MacKeeper, you might be able to easily uninstall it, though sometimes it doesn’t want to go quietly. MacWorld.com refreshed an article this week (they edited it after its initial publication earlier this year) on how to remove it, and it’s worth looking at, if you want to remove MacKeeper. It’s also worth reading some of the comments in the article, to see what kinds of problems it has caused for users.

My recommendation is that you DO remove this program, if you have it. If you paid for it recently, you may be able to get a refund from the publisher.

The MacWorld article also mentions MalwareBytes Anti-Malware for Mac (free), which can be used to remove MacKeeper and other problem software. There aren’t many viruses for Mac, but they’re out there. I’ve trusted MalwareBytes to clean up Windows systems for years, and their Mac version is just as useful. Run it once a week, or whenever you think there’s a problem with malware or viruses on your computer, and it can help keep things cleaned up.

Questions? Comments? Use the “Contact Me” form on the right.