As some may already be aware, the St. Louis Public Library’s computer system has been hit with a ransomware attack which has disabled all 700 of their computers.

Ransonware is no laughing matter and effects countless numbers of individuals and organizations annually. We have seen our share of users who have asked for our assistance in ridding their machines of such an attack. Unfortunately, this is something that we would recommend a professional computer repair service troubleshoot.

Hackers are always one step ahead of us and there is no 100% solution for blocking attacks. However, the best defense is a good offense. Users should take the time to secure their computers and know how ransonware can be introduced into a computer, thus making an attack on your personal machine less likely. Though time consuming, protecting yourself in advance is much cheaper than responding to an attack that has already taken place.

Here are a few tips to reduce the risk of ransomware:

  • Install a paid antivirus software
    • While it may be enticing to try the free version, it should be noted that free versions are purposefully designed to only offer a fraction of the protection of a paid version. It is well worth the annual fee one will pay.
    • The higher the quality the better.
    • Set it to automatically update the definitions daily.
    • Unfortunately, no anti-virus will 100% protect again attacks.
  • Back-up your computer onto an external device often.
    • Be sure to disconnect once complete as an attached backup can be infected as well, thus rendered useless.
  • Make sure your computer and programs are updated
    • Outdated software is more susceptible to attacks.
  • Do not go to unreliable or suspicious websites.
    • One way to know is to have an anti-virus software with a web security module which shows you whether a site is reported to be safe or malicious when using a search engine.
  • Keep your web browser updated. Navigating, even accidentally, to a malicious site utilizes the vulnerabilities of the outdated browser to push downloads to your computer without your knowledge to infect your machine. Simply going to the site can initiate the download. It should be noted that, like anti-virus software, no browser is going to be 100% secure.
    • Google Chrome updates itself.
    • Mozilla Firefox and Apple Safari can be set to auto update in the settings.
    • Microsoft Edge will auto update with Windows 10 updates which are also automatic.
    • Do not use Internet Explorer as it has had a history of security issues and is the least likely browser to be updated.
  • Do not open suspicious emails.
    • Always look at the preview line on the email you are sent prior to opening it as well as the user sending it. Some hackers will attempt to disguise their emails to appear as if they are from a legitimate source such as Facebook. They may use emails ending in odd suffixes with the word facebook in it, such as noreply@webhost22.facebook.com (not a real email address). Even personal email addresses can be hacked and used to send messages from people you know which can include malicious content. Looking at the preview line should reveal any inconsistencies that set off a red flag. Imagine getting an email from a friend who always starts their messages with the word “Salutations”, only to see one come through with the line “Howdy”.
  • Do not click on any suspicious links, especially those claiming to be a free software download.
    • If the link is a text phrase with links to a site, you can hover over the link and typically somewhere on the top or bottom edge of your browser will be displayed where the link is actually pointing.
  • Do not download any suspicious email attachments, especially those with multiple extensions, such as picture.jpeg.exe

Recently, a relative of mine was infected with a bit of ransonware. She had received a call from a supposed “Microsoft Support” group who asked if she was having issues with her machine. She agreed to let them help and upon doing so, the person asked her to navigate to a website that had URL that was very similar to an existing well-known site. The moment she went to the site her PC downloaded a ransomware file. The person “looked” through her computer, informed her of a number of things wrong with it and offered to fix it for $179. She refused to pay for it and they locked out her computer.

The last bit of advice I have is to keep an eye, and an ear, out for these calls. I have received them in the past, and they typically claim to be from Microsoft. It should be noted that Microsoft does not monitor your computer (at least we hope not) and that they or anyone else would never randomly call you about potential computer issues. Upon receiving my call, I informed the person on the line that I was an IT professional and I recognized the call as a scam, to which I was met with an awkward pause which confirmed my suspicions. In my opinion I feel they are less likely to call me back if I call their bluff rather than asking to be taken off some imaginary “List”.

Nick O'Neal is the Director of Technology & Online Services for the Kirkwood Public Library. He has been with the library since July 2012. He enjoys playing video games, listening to Classic Rock, and watching movies. His favorite authors include Douglas Adams, Michael Crichton and Clive Cussler.