I know storing data in the cloud has its own privacy risks, but they may be less than the risks of losing everything to ransomware.
That takes care of your computers and smartphones, but what about everything else?
Or maybe your company's accounts receivable files or your hospital's patient records. The particular ransomware making headlines is called Wanna Cry, and it's infected some pretty serious organizations. Your first line of defense is to diligently install every security update as soon as it becomes available, and to migrate to systems that vendors still support.
Microsoft issued a security patch that protects against Wanna Cry months before the ransomware started infecting systems; it only works against computers that haven't been patched.
Until that changes, ransomware will continue to be profitable line of criminal business.
This essay previously appeared in the New York Daily News.
Criminals go where the money is, and cybercriminals are no exception. The scammers can't charge too much, because they want the victim to pay rather than give up on the data. Computers are infected automatically, with viruses that spread over the internet.
Encrypt the victim's hard drive, then extract a fee to decrypt it.
Commercial solutions are coming, probably a convenient repackaging of the three lines of defense described above.But they can charge individuals a few hundred dollars, and they can charge institutions like hospitals a few thousand. Payment is no more difficult than buying something online -- and payable in untraceable bitcoin -- with some ransomware makers offering tech support to those unsure of how to buy or transfer bitcoin.Customer service is important; people need to know they'll get their files back once they pay. If they're lucky, they've encrypted your irreplaceable family photos, or the documents of a project you've been working on for weeks.Computers run our traffic lights and our power grids. The Mirai botnet exploited a vulnerability in internet-enabled devices like DVRs and webcams to launch a denial-of-service attack against a critical internet name server; next time it could just as easily disable the devices and demand payment to turn them back on.Re-enabling a webcam will be cheap; re-enabling your car will cost more.