The FBI last fall gave shocking advice to ransomware victims: pay up. The government spy agency seemed to be throwing its hands up in defeat, but it had a point. When hackers encrypt your computer with ransomware, there's no way to get access to your files, unless you follow the hacker demands and pay the ransom in untraceable bitcoins.
Hospitals and online retailers are quickly discovering just how bad this threat is. A Los Angeles hospital, for instance, recently paid $17,000 in ransom to get access back to its computer system. It had been unable to access patient files for 10 days. Now, the U.S. government and the Canadian government have issued a rare joint warning regarding ransomware.
The Department of Homeland Security and Canadian Cyber Incident Response Centre's warning reads, in part:
"In early 2016, destructive ransomware variants such as Locky and Samas were observed infecting computers belonging to individuals and businesses, which included healthcare facilities and hospitals worldwide. Ransomware is a type of malicious software that infects a computer and restricts users' access to it until a ransom is paid to unlock it."
They also warned: "Ransomware not only targets home users; businesses can also become infected with ransomware, leading to negative consequences, including: Temporary or permanent loss of sensitive or proprietary information."
That isn't anything we didn't already know, but the U.S. government also changed course on whether you should pay ransom or not. Its message: Don't panic, and don't rush to pay.
"Paying the ransom does not guarantee the encrypted files will be released," DHS warns. "It only guarantees that the malicious actors receive the victim's money and, in some cases, their banking information. In addition, decrypting files does not mean the malware infection itself has been removed."
So, what should you do? First, never open email attachments or links, unless you requested them. Ransomware is spread mainly through phishing emails. Second, use a backup and recovery system.
The government has another suggested actions to prevent being a ransomware victim: "Maintain up-to-date anti-virus software, and scan all the software downloaded from the internet prior to execution.