The Past

Computer viruses. We all know what they are: nasty little bits of code that get onto your Windows or Mac computer, or perhaps your smartphone, because you clicked the wrong link in the wrong email and welcomed the malicious, self-replicating program onto your hard drive. Before detailing the imminent threats that face us today, let’s briefly look at the history of computer viruses, and how they have grown more dangerous year after year.

The first computer viruses appeared in the early 1970s, and existed solely within the labs in which they were created. In general, the public wasn’t aware that computer viruses were even a thing, and since home computers didn’t exist until the late 1970s, the average person or business was at 0% risk of being infected.

Then, throughout the 1980s, viruses started being seen in the wild. Generally, they were used to cause mischief, from the more benign viruses that would simply display poems on the user’s screen, to more sinister programs that would make all the data on a disk inaccessible. Since there was no Internet at the time, viruses infected computers via floppy disks, which people used to share documents and programs with each other. For the same reason, once a virus was on a computer, it had no way of “calling home,” or sending any information to its creator. The people who wrote viruses just had to trust that their creations were out there causing havoc.

Enter the Internet. A new frontier for viruses. Not only could viruses spread much more easily across this new medium, they could now talk to their owners, sending back any data on your computer, including credit card numbers, passwords, browsing history, emails, etc. As shown in the graphic below, the spread of malware is growing at an alarming rate. By the end of 2015, there will be almost half a billion unique pieces of malware in the wild.

[Graphic: malware-all-years_sum_en]

The Present

It’s 2015 and a more vicious type of virus has been spreading. Ransomware, Cryptovirus, and a slew of other names have been given to the individual strains of these viruses. Whatever it’s called, what it’s doing is holding your data for ransom. How does it do that? Well, once the virus is on your computer, it encrypts every document it can get its hands on, making all your Word documents, Excel spreadsheets, Adobe PDFs, pictures, songs, videos, etc., completely inaccessible. The virus will also leave a ransom note in all the affected folders. You’ll find files named DECRYPT_INSTRUCTIONS.HTM or similar. Here’s an example of what these files look like when opened in a web browser:

In order to regain access to your files, you need to pay $700 by a certain date.
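Because the note is dropped into every affected folder, its filename can be used to map how far an infection reached and to choose a backup to restore from. The following is an added example, not part of the original article: the pattern list is an assumption built from the one filename the article gives, and the function names are hypothetical.

```python
import fnmatch
import os

# DECRYPT_INSTRUCTIONS.HTM is the name given in the article; the wildcard also
# matches the same note with another extension. Patterns for other strains
# would be assumptions added by the operator.
NOTE_PATTERNS = ["decrypt_instructions.*"]

def is_ransom_note(filename, patterns=NOTE_PATTERNS):
    """Case-insensitive match of a file name against the note patterns."""
    name = filename.lower()
    return any(fnmatch.fnmatchcase(name, p) for p in patterns)

def find_affected_folders(root, patterns=NOTE_PATTERNS):
    """Walk root and describe every folder that contains a ransom note."""
    affected = {}
    for folder, _dirs, files in os.walk(root):
        notes = sorted(f for f in files if is_ransom_note(f, patterns))
        if not notes:
            continue
        mtimes = [os.path.getmtime(os.path.join(folder, n)) for n in notes]
        affected[folder] = {
            "notes": notes,
            "other_files": len(files) - len(notes),  # files likely encrypted
            "first_note_mtime": min(mtimes),
        }
    return affected

def restore_cutoff(affected):
    """Earliest note timestamp; older backups predate the first note written."""
    if not affected:
        return None
    return min(info["first_note_mtime"] for info in affected.values())

if __name__ == "__main__":
    import sys
    import time
    hits = find_affected_folders(sys.argv[1] if len(sys.argv) > 1 else ".")
    for folder, info in sorted(hits.items()):
        print(f"{folder}: {info['notes']} ({info['other_files']} other files)")
    cutoff = restore_cutoff(hits)
    if cutoff is not None:
        print("Restore from a backup older than", time.ctime(cutoff))
```

Run it against a file share or a mounted backup; a folder that is absent from the output contained no note at scan time.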

 

While cryptographic viruses aren’t totally new, the Bitcoin virtual currency is, and it is completely untraceable. This is obviously of tremendous benefit and appeal to the type of people who would deploy ransomware viruses, as they can receive their ransom without their identities being revealed.

So, What Can You Do?

In 2015, I don’t think I need to tell you that the best thing to do is have good anti-virus software. Here at Catharsis, we prefer Webroot, as it operates in a different way than traditional anti-virus tools. Your typical anti-virus solution needs a constantly updated database of the viruses that exist out there, and this model has a simple yet glaring flaw: if the anti-virus software is unaware of a specific virus, it doesn’t care about it. That is to say that if a brand new virus gets onto your computer, traditional anti-virus programs will scan it, realize it doesn’t match their virus database, and let the program do whatever it wants. Webroot, however, maintains a cloud database of safe software. This resolves the problem of traditional solutions because if Webroot doesn’t recognize an application on your machine, it prevents it from running, and runs tests on it to see what the program does.

Second to having a good anti-virus application, keep backups, preferably separate from your computer. A cloud backup solution is one of the best and easiest methods for this. Be it a free Dropbox account where you manually upload your most important documents, or a more complex automated cloud backup tool that maintains snapshots of your server environment, putting your data behind a password in the cloud will prevent CryptoWall and other ransomware viruses from touching it. That way, your data is easy to restore without having to pay money to anonymous criminals.

Lastly, Windows itself comes with file monitoring tools that, while not as simple to operate as an anti-virus tool or cloud backup, can be configured to only allow certain files to be run and downloaded. This means anything that’s not explicitly whitelisted by the user or system administrator is not allowed to reside on a computer’s hard drive. It’s extremely effective, but not for beginners.
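The difference between the virus-database model and the safe-software model described above, and the default-deny behaviour of the Windows allowlisting approach, comes down to what happens to a file nobody has seen before. This added example is not from the original article and is not how Webroot or Windows is implemented: it assumes plain SHA-256 matching, hypothetical function names, and constructed sample files.

```python
import hashlib
import os
import tempfile

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def signature_verdict(path, known_bad):
    # Traditional model: a file that is not in the virus database is left alone.
    return "block" if sha256_file(path) in known_bad else "allow"

def allowlist_verdict(path, known_good, known_bad):
    # Default-deny model: only recognised software runs; the rest is held.
    digest = sha256_file(path)
    if digest in known_bad:
        return "block"
    return "allow" if digest in known_good else "hold for analysis"

def compare(paths, known_good, known_bad):
    """Map file name -> (signature verdict, allowlist verdict)."""
    return {
        os.path.basename(p): (signature_verdict(p, known_bad),
                              allowlist_verdict(p, known_good, known_bad))
        for p in paths
    }

def demo():
    # Constructed stand-ins for real programs; only their hashes matter here.
    samples = {
        "spreadsheet_app.exe": b"trusted vendor build",
        "catalogued_virus.exe": b"sample already in the virus database",
        "brand_new_virus.exe": b"sample no vendor has catalogued yet",
    }
    with tempfile.TemporaryDirectory() as tmp:
        paths = []
        for name, data in samples.items():
            paths.append(os.path.join(tmp, name))
            with open(paths[-1], "wb") as f:
                f.write(data)
        known_good = {sha256_file(paths[0])}
        known_bad = {sha256_file(paths[1])}
        return compare(paths, known_good, known_bad)

if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(f"{name:22} signature={verdicts[0]:6} allowlist={verdicts[1]}")
```

Only the third file gets different verdicts: the signature check allows it because it is unknown, while the allowlist holds it for the same reason.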

If you’d like to have a consultation regarding making your network more secure, or fear that you may already be compromised, please click here to get in touch with us. We’d be happy to help.