Doctor


THIS MONTH THE DOCTOR TACKLES...

> StopCrypt fears

> Tiny server build

> Backup bandwidth

Keep ransomware at bay

I’ve just read up on a new piece of ransomware that can evade detection and is aimed at consumer users. How can we protect ourselves from it?

THE DOCTOR RESPONDS: The ransomware you talk of is actually a variant of an existing form: StopCrypt. It has cleverly evolved to take a softly, softly approach to bypassing security measures, employing multiple delayed stages of execution to sneak on to a system before infecting it. StopCrypt doesn’t generate the same level of media attention (surprise, surprise) because it doesn’t involve huge sums of money being extorted from businesses. Instead, it focuses on us mere mortals, looking to extort hundreds of dollars in return for providing the key to decrypt your files and return them to a usable state.

While it’s worrying how ransomware has evolved, the chances of you catching it are slim unless you break all the rules of good security. For example, StopCrypt is commonly found in malvertising and dodgy downloads advertised as free and cracked software. If you’re partial to such activities, then you’ll already be dicing with infections from all kinds of malware, not just StopCrypt. Even if your security software has kept you safe so far, it’s not a smart way to operate, particularly if you do so on your main PC.

The obvious thing to do is steer clear of dodgy websites (or access them on a machine physically isolated from your network). Second, make sure you have strong third-party anti-malware software, and run regular scans with another security package—the Premium version of Malwarebytes Anti-Malware is hot on blocking dangerous websites, and can be installed alongside existing security software. Failing that, run weekly scans using Malwarebytes Free, and consider adding the Emsisoft Emergency Kit (www.emsisoft.com/en/home/emergency-kit), a free portable anti-malware scanner that combines two antivirus engines—its own and Bitdefender’s—for a second (and third) opinion.

We also recommend finding ways to protect yourself against malvertising—look for ad blockers like Disconnect (https://disconnect.me) and AdBlock Plus (https://adblockplus.org), which can strip out a lot of unwanted advertising, including ads containing hidden malware. If you want a universal solution to protect your network, read the January 2024 issue for our tutorial on setting up Pi-hole.

Ultimately, you also need to protect the target of any ransomware: your personal data. One obvious remedy is to make sure it’s regularly backed up—and in a location that ransomware can’t easily reach, such as offsite using a cloud backup tool like OneDrive. If that location is a network share, make sure it’s password protected, and that you’ve not checked ‘Remember my credentials’ when logging on