Cheese and rice, don't these people run anti-virus software? Hard to feel sorry for them if they are running a computer without protection. I just bought a new computer last week. First thing I did after running through the set up, was load my anti-virus.

Good luck with your av sara:

"The new CryptoWall samples were not detected by any of the 55 antivirus products used on the VirusTotal website when they were discovered Sunday, the Barracuda researchers said."

http://www.pcworld.com/article/2688992/malvertising-campaign-delivers-digitally-signed-cryptowall-ransomware.html

Great article Amy.

In addition to AV, which as noted above is not foot proof, a good safeguard is regular backups.

You don't pay the ransom. What you do is restore the system from
the latest set of backups. It's somewhat understandable that
ignorant users haven't made good backups. It's completely
irresponsible for the Sheriff's office to have neglected to do so.
Malware aside, the question about any hard disk is when it will
fail, not whether it will fail.

What Ron said.

Automatic, near real-time backups can save you from all sorts of grief. The last time I had a hard drive die, I knew my backup was less than 15 minutes old. I use Crash Plan, but there are several out there, some have free options for backing up to your own, or your friend's, storage.

I also back-up regularly to an external hard drive, and this is my personal computer. I don't have anything too important stored on my personal computer - family photos, a few documents that I reference as the need arises, but I want to keep them. I learned my lesson about anti-virus when my oldest daughter would click every freaking pop up, every damn time she was on the computer. That kid crashed more computers than anyone I know.

I would like to say that I'm shocked that the sheriff's department didn't back up, but I'm not. Several years ago, someone at the law firm I work for decided that off-site back up was too expensive and not really needed so they canceled the contract with the company providing off-site back up. Three years later there was a power outage in our building, and the A/C in the server room went down and our servers fried before they could be taken off-line.

"Gregg also says Macs are less vulnerable."

That could be whistling past the graveyard, Amy. It is true that the current crop of Macs are based on BSD which has an enforced separation of privileges whereas Windows just plain sucks in that regard. However, if you regularly read your email or surf the web as a user that has the necessary privileges to install software, you are vulnerable.

Regular backups of all your files is advisable in any case. You don't need a bare metal recovery level of backup. That is nice but unnecessary to protect from this generation of ransom-ware. Just a backup that is not accessible for writing as a "normal" user.

I have mine backed up online in two different places (I've killed a hard drive before). These run in the background and are nearly constant, so I know any backup I restore to is only a few minutes old.

You want to get a backup program like Acronis that can copy the complete hard drive. This way if the hard drive crashes or virus happens you just use the install boot CD and reinstall. It takes you to the moment that you backed up.
Also make sure all your document files(autopsy reports) get saved to a flash drive every day.

"Gregg also says Macs are less vulnerable."

Gregg is wrong Amy. Macs are actually more vulnerable. They just aren't as valuable a target. There are far more windows computers out there. So it is a better use of time to design something that will break into most computers. Apple has historically been easier to break into but it just wasn't worth it for most malware writers.

Cryptowall and its like are NOT detectable by a lot of anti-virus software.

Nor, does one need to click on anything. Simply visit a sight which is infected and bam! your PC is infected.

So, yea, as others here have said - back up, back up, back up.

And, don't ever pay the thieves who do this. Sure, you may have gotten your PC back; but you just rewarded them for their theft.

It is better to have a PC expert restore your PC to "factory settings" and re-install your data than to pay a dime to those bastards.

And, as a side note, the one thing which is very irritating is that the various anti-virus softwares do not play well together. Each and every one of them considers the others to be hostile threats and tries to remove them. The only way to scan a PC with more than one anti-virus is to run the scan from another PC. Other than an IT department or a PC shop how many folks have home networks to do this?

"Gregg also says Macs are less vulnerable."

Gregg is wrong Amy. Macs are actually more vulnerable. They just aren't as valuable a target. There are far more windows computers out there. So it is a better use of time to design something that will break into most computers. Apple has historically been easier to break into but it just wasn't worth it for most malware writers.

Posted by: Ben at January 4, 2015 4:20 PM

I am not sure that is entirely true.

"The vast majority of viruses target systems running Microsoft Windows. This is due[citation needed] to Microsoft's large market share of desktop users. The diversity of software systems on a network limits the destructive potential of viruses and malware.[18] Open-source operating systems such as Linux allow users to choose from a variety of desktop environments, packaging tools, etc. which means that malicious code targeting any one of these systems will only affect a subset of all users. Many Windows users are running the same set of applications, enabling viruses to rapidly spread amongst Windows systems by targeting the same exploits on large numbers of hosts.[5][6][7][19]

Theoretically, other operating systems are also susceptible to viruses, but in practice these are extremely rare or non-existent, due to much more robust security architectures in Unix-like systems (including Linux and Mac OS X) and to the diversity of the applications running on them.[20] Only a few major viruses have hit Macs in the last years.[21][22] The difference in virus vulnerability between Macs and Windows is a chief selling point, one that Apple uses in their Get a Mac advertising.[23]"

What ever the technical aspects of vulnerability, if your operating system is a less attractive target because there are many fewer machines running OS, than you are less vulnerable.

Kind of like counterfeiting the ruble. When counterfeiting dollars and Euros is where the action is.....

Frequent backups are your best friend. You don't necessarily want an entire hard drive backup. You're most interested in protecting your data. It's easy enough to reinstall your OS and apps.

In this regard, Mac makes this easier with its built-in Time Machine backup software. Running it is the first thing I do every day ... to an external drive. It does incremental backups, so it only takes a few minutes. I can't tell you the number of times having a recent backup has saved my bacon. And you can get similar software for your PC.

Take it from a 35-year Software Development veteran.

I have heard the argument that "Macs are not targeted because they're less valuable targets" on a regular basis. At the same time, people reliably report that the majority of high dollar projects in Hollywood are processed, planned and discussed on Macintosh.
Just why would I fiddle around with your AOL account and Solitaire scores when I could see what you were working on in Premiere?

Of course this has been asserted since the beginning of the Macintosh, even when it had no "console" principle – the OS only paid attention to the local mouse and keyboard - and the entire OS was written in assembly language. Strange what justifications people can come up with.

Certainly you should have a backup plan of any sort.

These days, the vast majority of my work is backed up (for varying definitions of backup) to dropbox, google drive, or in source control at bitbucket.

If I lose a computer to a virus, I will indeed lose a day or more rebuilding, but I won't have lost data.

There is also a "hot backup" such as it is to an older, slow, spare laptop also running dropbox and drive. So it sits in a corner running the same software as on my main computer and being kept up to date as far as the data goes.

I also surf sites I think are sketchy in a virtual machine, which would help stop browser based viruses, but not do much for email based viruses.

I've been a Unix/Linux guy since the early '80s. Its security advantages over Windows are mainly:

1. Better separation of user and administrator functions. Other than installing new applications, few of the everyday things you do require admin access on a Unix based system. It seems like Windows is always asking for the administrator password for some damn thing, and it keeps a whole bunch of background service processes running with admin access even when they don't need it.

2. Unix systems were first exposed to the ARPAnet, and by extension to security researchers and the first generation of crackers, in the early '80s. Since many such systems back then were research machines used by the U.S Department of Defense, they were high-value targets. The ARPAnet itself wasn't secure worth a damn. So they were already getting exposure to attacks, and people were working to close holes, before Windows 1.0 was ever released.

3. Nearly all variants of Unix that are out in the wild today are based on open source. Each code function has been examined by literally thousands of programmers (I've done some myself), and a lot of the vulnerabilities have been found that way. And the code base is relatively clean; there isn't a lot of old code for things that people no longer use or features that have been abandoned. Although Microsoft has done a lot of work to clean up Windows since W7, it's still kind of like an old comm room: there are things lying around all over the place that nobody remembers what they do, but they're afraid to remove them because doing so might break something. (In this regard, Windows has been somewhat a victim of its own success; there's poorly coded features left over from early versions of Windows that are still being used by Big Organization legacy code, and if Microsoft rips it out, someone important in the customer base will scream.)

Having said all that: If you go mucking about in the innards of a Unix system, you can open up holes without realizing what you did. But you pretty much have to get to a shell prompt to do anything like that, and most Mac users never open the terminal application, so there's that. The other thing to keep in mind is that no operating system is proof against scripting-language nasties; pretty much every browser out there supports executable content like Javascript and Flash, and if the code in the browser (or plug-in) for those things is not secure, there's not much the underlying operating system can do about it.

I have those but I'm not sure the entire computer backs up to it.

Dropbox. No cost for 5GB of storage. Automatically copies your latest version of files, and syncs with all linked devices. Keeps the last seven versions of any file. You are never not backed up. Best thing ever except maybe for 1Password (or any other password manager).

My backup plan, besides Dropbox, is a Time Capsule, and for really important and impossible to replace stuff — family photos — four external drives, and two computers. And another external drive that, using SuperDuper, mirrors the computer's internal hard drive, updated once a week. A year ago, my laptop's hard drive started — very briefly; that's all it took for total failure — sounding like a coffee grinder.

Thanks to SuperDuper, going to Best Buy to get a replacement took longer than restoring my computer to a full-up round.

However, [on a Mac] if you regularly read your email or surf the web as a user that has the necessary privileges to install software, you are vulnerable.

The simple solution is to not do that — set up a separate admin account with its own password. My primary user account has no access to admin functions.

Gregg is wrong Amy. Macs are actually more vulnerable. They just aren't as valuable a target. There are far more windows computers out there.

That can't be right. If Macs were actually more vulnerable, and the whole user base was lulled into false complacency, then Macs would represent a very target rich environment.

Besides, what Cousin Dave said.

I say again Mac have historically been more vulnerable. Many security features were forced into windows by being exploited time after time after time. I am not saying the guys at microsoft write better code. But they are the majority when it comes to desk tops. Last year windows represented 90% of the PCs used in the world. It is not worth the time to go after a sub 10% market.

And as for the comment that million dollar movie deals are discussed on macs, so what? Billion dollar bank deals, oil deals, .... are discussed on a windows machine. Macs are dominant in the video and image processing areas. Movies, marketing, and advertising. Everything else is windows.

The same market share dynamics affect the server space as well. Windows servers are relatively insecure but rarely broken into. They are only 35% of the server market with most of the rest going to unix/linux.

Macs have gotten more secure since they moved to the unix base but their biggest safety feature is still their low usage.