Noticeably, over the last two years, there has been a marked increase in ransomware attacks, which is, in its simplest form, a type of malware that is executed for the principal reason of extortion.
The malicious software, once deployed, encrypts data, as well as devices. Access is only achievable if the victim pays a ransom (well, so the argument goes – it’s never guaranteed). Needless to say, this is a highly effective form of cybercrime.
While it isn’t new, many information security experts see the evolution of ransomware – in the 21st century – as a troubling development. This widening threat has the ability to cause significant damage and devastation to its victims (financially, logistically and personally).
And that isn’t all. Whereas previously most of us, at an individual or organizational level, might have felt safe from its wicked reach, we can’t be so sure anymore. It’s no longer a niche and focused enterprise for its perpetrators – everyone is a potential target.
Ransomware: A trend to be wary of in 2016
Accordingly, many major security enterprises, like ESET, have noted ransomware as a being one of the biggest threats today and in the foreseeable future.
“The impact it can have on users, by preventing them from accessing all their information due to the action of malicious code, is of growing concern,” explained Camilo Gutiérrez Amaya in ESET’s 2016 cyber-forecast paper.
“It is one of the most important types of security incidents, as it takes full advantage of cases where a company's lack of an effective backup strategy and infective security implementation exposes it to risk [which is also applicable to individuals].”
Don’t underestimate the threat
Mr. Gutiérrez Amaya’s first point serves to highlight the importance of making up-to-date duplicates of your assets – such as photographs, work documents, your music collection – while also underscoring the fact that backing up data remains a much neglected aspect of modern day security. As the team behind World Backup Day note, which is being marked today, 30% of people have never done this.
You can argue that we live in a bubble, oblivious to just how vulnerable our information is to cybercrime and other risks (such as a natural disaster or a significant power failure). It’s only when an incident occurs that people begin to see the real value in backing up information.
However, by then, it’s too late. Everything you cherish or rely on has become inaccessible, in the event of a ransomware attack, or lost forever because of a random attack.
Everyone is an ‘arbitrary’ target
The fairly recent case involving Wired’s Mat Honan illustrates the latter well. In 2012, “in the space of one hour, [his] entire digital life was destroyed”, which not only revealed shortcomings in his own approach to security, but of the technological ecosystem itself.
Nevertheless, it is worth stressing some interesting facts particular to this story. Mr. Honan was – and is – a seasoned technology journalist. His approach to online security, while lacking, was perhaps more informed than ordinary consumers. And he wasn’t targeted in response to some disagreement, quarrel or financial incentive.
As one of the attackers told him: “I honestly didn’t have any heat towards you before this. i just liked your username like I said before[.]” He later added: “yea i really am a nice guy idk why i do some of the things i do … idk my goal is to get it out there to other people so eventually every1 can over come hackers[.]”
Key takeaway: backup your data
Among other things, one the key message emanating from this particularly painful case was in the undisputable importance of backing up data. As the journalist noted in a follow up article – in which he detailed how much effort and cost is required to reclaim back some of his digital life – he now swears by it. It is way of life for him:
“When you control your data locally, and have it stored redundantly, no one can take it from you. Not permanently, at least. I’ve now got a local and online backup solution, and I’m about to add a second off-site backup into that mix. That means I’ll have four copies of everything important to me. Overkill? Probably. But I’m once bitten.”
Most security professionals would side with Mr. Honan. This isn’t an overly melodramatic reaction, but a rather sound one. No single backup option is 100% bulletproof, meaning, to be on the safe side, it is worthwhile following in the journalist’s footsteps and making multiple backups on a regular basis.
Our guide from last year is a useful introduction to a number of easy approaches to consider, while this detailed overview from 2011, by ESET’s Aryeh Goretsky, still serves as an extensive presentation on the options out there for backing up your computer.