That ransomware problem

Earlier this month, a widely-reported ransomware outbreak scared the living daylights out of people all over the world.

What happened, and how can you keep it from happening to you?

What is Ransomware?

Ransomware is a form of malware, which is short for malicious software. Malware takes many forms, but for now, let’s concentrate on ransomware.

Ransomware enters a computer system, encrypts the files, and demands payment to decrypt them. Without the decryption key, your files remain scrambled and therefore useless to you.

Because the bad guys demand payment for the key, your files are being held for ransom, and that’s where the name comes from.

What happened?

Until recently, ransomware typically infected a computer when a user clicked on a malicious email link or attachment. A file would run in the background, resulting eventually in your files being encrypted.

This wouldn’t even be apparent until a page popped up telling you about the encryption and saying how to pay.

On May 12, however, computers became infected not from email attachments, but because the bad guys were able to exploit a flaw in unpatched versions of Windows. People didn’t have to do anything to get clobbered.

Vulnerable systems got hit, and once infected, they spread the infection to other vulnerable computers on their own networks. This ransomware is called Wannacry or WannaCrypt, or just wcrypt.

How can I protect my computers?

Apply your Windows Updates. Microsoft released a patch for supported operating systems to correct this vulnerability last March. Computers that are current on Windows Updates are protected from Wannacry. But not ALL ransomware. Keep your updates current.

Computers running unsupported versions of Windows (XP, Vista, 8.0) are … unsupported!

That means they don’t get Windows Updates and this makes them vectors for this kind of attack. This problem was widespread that Microsoft issued patches for those unsupported operating systems May 12-13.

If those systems were patched before they become infected, they’re fine. Patching after the fact doesn’t get those files back.

You can further protect your computers by making sure your anti-virus program is up to date and configured to run daily scans. You can supplement your anti-virus with anti-ransomware protection, which has become widely available in the last couple of years.

CryptoPrevent is an excellent choice, and is available here. You can choose the free or a paid version. Read the comparisons on that page.

Paid versions of Bitdefender anti-virus contain antiransomware protection. I used this for a year and a half and found it worked well. But it was a challenge to set it up.

The most “set-it-and-forget-it” way to go is with Malwarebytes Premium Version 3. It's a paid product (currently about CA$50 per year) that is an antivirus/antimalware/antiexploit/antiransomware program. Yes, that's expensive.

Ask yourself if protecting your information is worth $50 a year.

Malwarebytes runs well on a decent computer (powerful processor, adequate RAM). It’s easy to set up. There's lots of information, and a link to buy it here.

Be aware that Malwarebytes Premium Version 3 takes the place of antivirus software. If you’re running any other anti-virus program, you need to uninstall that completely before you activate the paid (or even trial) version of Malwarebytes Premium 3.

(If you stay with the free version, it’s just an anti-malware tool. If you stay with the free protection, you shouldn’t ditch your current antivirus protection, BUT you won’t get the antiransomware component.)

Always have at least one backup of your important files. Never, ever click on a link in an email from someone you don’t know, and remain skeptical of links in email from people you do!

What if my computer is infected?

If it’s really infected with this ransomware, you’re probably out of luck unless you pay to recover your files. It’s worth checking here to see if there’s a solution for a ransomware problem you are having.

Also, be aware there are fake ransomware programs that don’t encrypt your files, but say they do just to get you to pay.

When in doubt, call in a professional.


Comments are pre-moderated to ensure they meet our guidelines. Approval times will vary. Keep it civil, and stay on topic. If you see an inappropriate comment, please use the ‘flag’ feature. Comments are the opinions of the comment writer, not of Castanet. Comments remain open for one day after a story is published and are closed on weekends. Visit Castanet’s Forums to start or join a discussion about this story.

More Getting Along With Your Computer articles

About the Author

The Technology Shaman, Cate Eales, has been helping people make online computing safe, accessible, and fun for over 30 years.

Cate lives in Kelowna with her husband, Eric. She owns and operates Computer Care Kelowna, a mobile computer business providing on-site service for home and small business customers.

Cate is here to help you and your home or business computer get along.

E-mail Cate at [email protected] with comments, suggestions, or questions.

Computer Care Kelowna

Column Archives

Get Cate's column by email

RSS Feed

The views expressed are strictly those of the author and not necessarily those of Castanet. Castanet does not warrant the contents.

Previous Stories