Protecting yourself from Ransomware

I drafted this note for the faculty in the Biology Department, but others might benefit from it as well.

Another recent Java vulnerability is being exploited, and because it's Java, it can affect PCs, Macs, and Linux computers. Some attackers are using this exploit to install Ransomware.

Ransomware encrypts your hard drive (and attached devices) and makes your data unavailable to you unless you pay a "ransom". Sometimes the demands for money are made to look like law enforcement or legal threats. There may be no way to get your data back if you get compromised by one of these trojans. But there are strategies you can use to mitigate your risk.

Last year, 50% of computer attacks exploited Java, but most people don't even need it. Unless you know you need to use Java applets, you can safely uninstall the Java plugin. This will still allow you to run Java applications on your computer, but will not allow a website to run Java code on your computer unless you download it and launch it yourself. If you google "uninstall java plugin ie8" or "uninstall java plugin mac" you can quickly find directions that will help you uninstall the Java plugin. Be aware that subsequent operating system updates may reinstall the plugin in the future.

I encourage everyone to consider using the "NoScript" add-on for Firefox. NoScript prevents all scripts and plugins from running in a webpage unless you specifically allow them. This can be inconvenient, because many webpages require some scripts and it sometimes takes a few tries until you find out which ones are required for a webpage to load correctly. NoScript also blocks clickjacking and several other shady webpage behaviors. It isn't perfect, but it greatly reduces your exposure to being compromised via the web.

Adobe Reader is the next most common vector (30%) for being compromised. Consider using a different application for viewing PDFs (like Preview or the Schubert-IT PDF Viewer plugin) and disable or uninstall Acrobat Reader.

Finally, if you have a lot of irreplaceable data, you might consider hedging your backup strategy: instead of a single backup, consider making two. Or don't leave your backup drive connected constantly: disconnect it and only reconnect every week or so, after you've shut down all the other applications, then run it overnight, and disconnect it again.

There is no foolproof way to avoid becoming compromised, but it's worth reducing your exposure to risks as much as possible and trying to minimize the potential consequences.