Protect Yourself Against Computer Hostage Takings.

Many of you have asked me about the encryption virus that attacked my computer...It is a nasty, nasty virus which can hit any computer including MACs.
Like many of you, computers are our life line. We get emails from unknown people, have to search websites we don't know much about and generally leave ourselves at risk with the one piece of equipment that can make or break our livelihoods. As careful as I am about not opening emails from sketchy sources, watching where and which sites that I surf, I still managed to get hit and taken hostage.
This virus completely encrypts your computer and everything on it. You, actually your data and information are held hostage unless you pay their ransom.... I was advised not to pay as there was no guarantee that I would ever get my information back. In my heart I knew it would be stupid to pay the hostage takers but that did not stop me from contemplating it just so I could retrieve my information. I felt violated, angry and wanted revenge. But against who? This faceless coward (s) could be anywhere in this world. The joys of the world wide web.

I have asked my friend and IT guru to send me "what you can do to protect yourself" I have included his email to me so you too can protect yourself. DO IT. The ounce of prevention is worth the pound of cure. Although I did my back ups, I did not do it often enough. For many of you these helpful hints may be common place but for some they will find it helpful. Personally, it was easier and far less time consuming to have Ben do it. We now have set up scheduled computer "dates" in order to ensure that I will remain current. AND he will do it remotely so no matter where I am or what I am doing, there is no excuse for this to happen again. 
So here is what he suggests. He also said please feel free to contact him if you require assistance.

Here's hoping you never have to experience this, I cannot tell you what an incredible pain in the butt it was. Not to mention the loses I incurred

Hi Colleen,

Here is a list of things you can do to help prevent future infection from ransomware:

Keep your operating system up to date – don’t defer Windows Updates
Ensure your browser (Chrome, Firefox, etc) are up to date with latest security patches
Keep 3rd party extensions to the minimum (don’t install unknown 3rd party extensions)
Ensure pop-up blocker is enabled
Keep your anti-virus software up to date with real-time protection enabled
Install anti-malware (with real-time protection) and keep it up to date with latest definitions
Ensure Windows firewall as enabled and turn off un-needed ports
Keep and perform regular backups of your user profile
Do not open unknown e-mails or click links or attachments in body of the e-mail
Run and install MSBA so ensure your system is secure
Do not browse or open links on sites that you do not frequently visit
Disable files from executing within the Appdata/LocalAppdata folders
Show file extensions in Windows Explorer/File Explorer (most ransomware come with a particular extension)
Disable RDP on your machine unless it is absolutely needed
If your PC supports TPM, enable Bitlocker
Ensure you that you setup your anti-virus/anti-malware services to scan remote devices when they are plugged in (USBs, etc)
Don’t pay ransom – from information gathered, most ransomware will continue to extort users for more funds without releasing data

After doing research, I noticed that your asset was infected by a BOTNET – however I am not able to track it down to a single source. You most likely received it through an e-mail attachment (or link in an e-mail) that spoofed itself as being legitimate, where it then run an executable which encrypted your data. In the future, it is best to practice safe browsing. Stick only to sites that you know, and never open e-mails that claim to be from a financial institution requesting for information or a deposit (a reputable bank would never request for user action to be performed in an e-mail). This applies to other financial services or auctions sites such as eBay, PayPal, etc. The number 1 rule however is to always backup your data securely. Perform backups weekly to either an online solution (OneDrive, Dropbox, Google Drive, etc) or store it locally on an external hard drive that can be securely stored (and encrypted with a password, if possible).

Please feel free to forward this information to your contacts. If they need assistance, they can send me an email for consultation.

Benjamin VanMeggelen
ben.vanmeggelen@gmail.com
416.704.8467

Thanks!