Login | May 22, 2017

Fighting ransomware (update) with RansomFree

RICHARD WEINER
Technology for Lawyers

Published: March 31, 2017

So, let’s review ransomware, the hot computer virus trend of last year, and how to fight it.

Ransomware is a type of virus that infects a computer by encrypting files, and then demanding money or other things of value. Once the ransom is paid, presumably, the kidnapper sends the key, or password, to the encryption and the computer’s files are unscrambled.

Common ransomware behaves in a certain way. It seeks out the most common file extensions, like Word, communicates back to the source of the virus, which then encrypts the files and sends the ransom note to the victim. Interestingly, the ransomware code I’ve seen is in Russian, but whatever.

This stuff is relatively new, and, therefore, defenses against it are evolving.

The most common advice I’ve seen and given is that ransomware needs to be prevented or, failing that, ameliorated, using a three-step process for personal computers (enterprise computers would have the scaled-up version of these steps).

First, backup up every file on an ongoing basis to the cloud. There are services and programs that will do this. Some are free, but I’m recommending a paid service.

Second, download a paid antivirus. I use Avast. Free antiviruses are cool, but you’re really gonna have to go the paid route for the most protection.

Third, download a paid malware blocker. I have Malwarebytes. Worth it (although there have been some technical problems with the latest upgrade, which I’m sure they’ll straighten out soon). They better.

Now, there is a fourth step, involving a new category of product specifically designed to fight ransomware. These anti-ransomware products are just coming onto the market.

Malwarebytes has an anti-ransomware program in beta, but I just downloaded RansomFree, which is free, is highly reviewed, and which you should go get right now at https://ransomfree.cybereason.com,

RansomFree is a different kind of program. Instead of looking for a virus from a list, it checks the behavior of a downloaded file to see if it is engaging in the ransomware-type of communication with a source that I described above. Once it detects that behavior, it blocks it and displays a screen that allows the user to decide whether or not to continue to execute the program.

One click, and the ransomware is deleted from your computer, never to bother you again. While you still have to fololow the first three steps to do your best against ransomware, RansomFree looks like a solid step to add to ransomware defense.


[Back]