Ransomware Basics for Freelancers

You’ve recently finished a client project that needs to be sent by 5pm and head out to lunch. Upon returning, you go to put the finishing touches on the file and suddenly see a pop-up message on your laptop screen stating that all your files are encrypted and locked.

Unless you pay $300 in bitcoin in the next 5 days, your files will be destroyed.

Panicked, you try to access your document and find nothing but encrypted symbols that are definitely not your client project. As you dig deeper you find all your documents are encrypted right across the network and into your cloud storage folders.

“Ransomware wasn’t necessarily the most expensive aspect of a ransomware attack: downtime, revenue loss, and fallout were more expensive and far more damaging, especially when you’re talking about small businesses.” – Adam Kujawa, Head of Malware Intelligence, Malwarebytes

This horrifying scenario is playing out everyday for small businesses and freelancers. The malicious software behind this scenario is called ransomware and a little prevention can go a long way to prevent this scenario from happening to you.

What is ransomware?

Ransomware is one of the most sinister new breeds of cybercrime malware. It’s been built to make money quickly for cybercriminals. Its modus operandi is based on making a quick buck by exploitation and fear. Where other malware may breach databases, steal login credentials, or impact point of sale devices, ransomware is designed to directly exploit the infected user and unfortunately it tends to propagate beyond its intended target, impacting millions of users as collateral damage.

ransomware_wannacry_screenshot
WannaCry ransomware message to users

Ransomware arrives through a myriad of distribution mechanisms from email spam to botnets and even software vulnerabilities. Ransomware can even be deployed via infected ads piggybacking on legitimate websites (known as malvertising). Often the ransomware will work by exploiting a flaw in software such as your browser or plug-ins like Adobe Flash. Once a machine is infected with ransomware every file on the infected device, out into the network, and even in cloud folders like Dropbox can be encrypted.

Once encrypted, the software then uses an onscreen message to inform the user that they have to send a payment in bitcoin (usually $300-$1000 but sometimes $10,000 or more) within a certain number of days. None of your files will be usable unless decrypted. And the clock is ticking; the message warns that if you don’t pay in time your files will be destroyed.

Who is impacted by ransomware?

Every freelancer is at risk. Ransomware is a very lucrative product for the cybercriminal. The US CERT and IRS have issued warnings recently that new variants of ransomware are on the rise. The estimated revenue across all ransomware families is well into the billions in 2017.

For freelancers, the 2016 attack which targeted Microsoft Office 365 users should be of particular concern. While that attack was patched within hours, ransomware seems to come in waves and multiple flavors.

Security firm Malwarebytes noted that nearly 40% of all businesses have been attacked by ransomware. To compound the problem, ‘Ransomware as a Service’ (RaaS) is now offered as a kind of ‘leased’ version of the malware for enterprising cybercriminals-to-be. The RaaS host takes a 10% cut of the ransom fee.

here's what to do:

There are simple and effective methods you can use to protect your freelance business against the threat of ransomware.  To prevent ransomware you should:

Backup Your Data

Prepare for the worst-case scenario in case you get infected. Adopt a 3-2-1 backup strategy and make sure you keep your backup device in a separate location from your networked computer.

Keep Your Software Up-To-Date

Make sure any software you use such as operating systems, apps (Adobe Flash) and especially browser software (such as Firefox, Internet Explorer, Chrome, etc.) are kept current and patched fully.

Don't Click on Suspicious Links

Ransomware is delivered via malware-containing links, files and ads. Practice safe browsing habits and don’t fall for the phishing bait.