Dan's Take

Ransomware: It Could Happen to You

That includes Mac and Linux users, too.

• By Dan Kusnetzky
• 04/25/2016

Nicholas Raba and Nicholas Ptacek, both of SecureMac, dropped by to discuss ransomware, Apple's OS X and some reasonable precautions people should take when using the Web. They started the conversation with a strong statement:

"Ransomware is becoming such an epidemic that even the FBI is asking businesses and software security experts for emergency assistance in its investigation. Ransomware is malicious software that encrypts a victim's data so they cannot gain access to it on their computers, then offers to unlock the system in exchange for payment. While it's wreaking havoc on businesses throughout the world, it's also impacting consumers directly."

Although most recent operating systems that have been kept up to date with current patches are hardened and hard to penetrate, other commonly used software, such as Web browsers, video viewers, document viewers and even office software are much more susceptible.  The SecureMac folks pointed out that since these products receive many updates, it's easy to persuade someone to install yet another update. This is often how malware finds its way onto computers and enterprise networks.

Painful Lessons
I know how this can happen.  I use the Web for research a great deal, often going from one search engine to another and following link after link. Recently I followed an interesting link on a news site that let me to a page that tried to take over my browser. I didn't download anything but the HTML page. An ad blocker keeps well-known problems from downloading. I only allow a small list of sites to place anything on my system.

Even though I'm very careful, after the bogus page rendered on my screen, a rather rude popup appeared on my screen informing me that I had to call an out-of-country number and pay a fee or all of the data on my system would be erased. The browser was locked up and I couldn't exit from the screen.

Thinking that this was just a JavaScript hack, I just used the OS X "force quit" function to kill that instance of the browser. When I restarted it, it executed normally. Some of my colleagues think that I'm a bit crazy to lock down my Web environment so tightly. I was rather taken aback that this could happen to me.

Every System Can Be Hacked
It amazes me to listen to people who think that Mac OS X or Linux is unhackable. As a reformed software engineer, I know that if someone is dedicated enough and willing to work very, very hard, most operating systems can be hacked.

People using OS X and Linux often say that their systems don't get viruses or malware. It's my view that this has been due to the relatively small share of the market held by these operating system. As they've become more popular, they've also become more of a target.

Dan's Take: Knowledge and a Bit of Common Sense
The SecureMac folks told me that they've been working on Mac security since 1999 and have built up quite a database of known viruses, worms, Trojans and malware. The type of attack I experienced has become far too common.

They suggest keeping your virus scanner up to date and scanning for hidden malware regularly.

They also pointed out that it's very wise not to follow links in messages, or download and read documents coming from people you don't know. They also noted that most email clients make it possible to view a message's headers. This feature makes it possible for us to see where the message originated and what mail transport servers touched it on its way into your mailbox. If a message comes from somewhere unexpected, don't open any attachments it contains.

These are common-sense suggestions, and warnings that readers of Virtualization Review know. It's still good, however, to review our security precautions from time to time.