Oh, my God! Some BBC reporters got a phishing email with their home addresses within them! Stoke the fearfest. Then watch as other Chicken Littles join in and proclaim that this “new” way of delivering ransomware is endangering us all.
Please. Get a grip.
The payload, Maktub Locker, is new, but the ways it can infect you date to the days of AOL email addresses.
You have to do some fundamentally stupid things to get infected by Maktub Locker. Let’s go over the basics, shall we?
First, just because you get an email that contains your real address, or some other personal data, doesn’t mean the contents are real. Phishing attacks have been using personal details, including home addresses, for at least a decade.
It doesn’t take a rocket scientist, or much of a security hacker, to find your home address. Every other week, there’s a new data breach — the Office of Personnel Management and Scottrade are memorable ones from the past, but next week it will be some other large agency or company. Any of those breaches could release sensitive information about you to the world. That means your address is out there. But it’s not worth much. Phishers can easily and cheaply buy your personal information off the Darknet.
Another thing to keep in mind is that there are overwhelming odds that you would have to be running Windows for the malware to pose any sort of threat to you. Sure, it’s possible to hack Linux and Mac OS X, but the vast majority of attacks are almost always on Windows PCs. That’s not because Windows users are dumber than Linux and Mac users (well, I’m not going to say that, anyway); it’s just that there are a whole lot more of them.
But let’s say that you are running Windows. That hardly means you’re doomed. For the malware to get a toehold, you need to open a Windows format file — from a stranger. And why would you do that? Opening a Windows format file sent by someone you don’t know has been a mug’s move since the late ’90s, when Word macro Trojans, such as Melissa, were the last word in malware attacks.
Let me remind you of some security commandments that many of you seem to have forgotten:
1) Thou shall not trust messages from strangers.
2) Thou shall not fool around with anything remotely dangerous on a Windows PC.
3) Thou shalt never open an attachment from a stranger.
4) Thou shalt never, ever open a Windows-specific file from a stranger. Or from your mother, for that matter.
Seriously, ma and pa may be fine people, but they’re probably not security experts. If someone has a good reason to be sending you, say, a docx file, go ahead and open it. If they don’t, then leave it untouched.
I’ll make this even simpler: If you don’t know what something is, don’t click on it!
Next, let’s look at Maktub Locker and other ransomware programs for half a minute.
Ransomware works only if you’re fool enough to break all the rules I listed above. Once you have a dose, it encrypts your files and tells you to fork over $300 to $500 in Bitcoins, or your files have had it. After you pay up, and if you’re dealing with honest crooks, they’ll give you a key to decrypt your documents, pictures and all the rest. But — shocker! — not all crooks are honest.
Now, what simple thing should you have been doing every day to prevent any need of ever paying such ransoms?
How many of you said, “Back up my files”?
Congratulations. You need never fear ransomware. Making current backups is all it takes to mitigate ransomware’s effects.
Yes, you’d still need to clean your PC of the malware, but the vast majority of your files will be safe and sound. It’s a different story when a major business gets hit, such as the Hollywood Presbyterian Medical Center. But, even there, if the hospital had simply practiced regular backups — and it seems it didn’t — it could gotten back 99% of its data at no cost, and it would have been much safer to boot. I mean, after all, just how trustworthy do you think someone is who just locked down a hospital’s data, anyway?
So here’s one more commandment you should have already known:
5) Thou shalt always back up thy data.
What ticks me off the most about this entire mess is that there’s really no news story here. The attacks never should have gotten through. Even if they did, they should have been useless.
The real story is that, in 2016, we are still making the same dumb mistakes we made in the ’90s. So remember: Don’t click on unknown files or links, and do make nightly backups. It’s not that hard!
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.