One evening in July 2015, I was sitting at my desk in the Globe newsroom, working on a story, when suddenly a pop-up ad appeared on my computer. The box contained an ominous message. It said all of my files – videos, photos, documents, everything – had been encrypted. In order to get my stuff back, I’d have to pay hundreds of dollars to some anonymous hacker who weaseled this malware onto my computer.
I tried to close the pop-up, and opened up one of the folders on my desktop. I watched in horror as my files in that folder were encrypted, one by one. Within seconds, I could no longer open any of them. My laptop had been hijacked . . . by a KEYHolder ransomware virus.
All of my files were held hostage. I couldn’t access any of them. The scariest part was that someone else could. I felt like my brain had been burgled.
I was a victim of digital extortion, a crime that is becoming all too common these days. Here’s what I learned from the ordeal.
1. Back, back, back it up. This advice comes directly from the Federal Trade Commission. Back up your data regularly, and make it a habit. Buy an external hard drive. Use the cloud. Better yet, use both.
2. Protect yourself. The best offense is good defense. Keep your security software up to date, and make sure your operating system and software have all the latest updates and patches. Be extremely cautious when browsing the Web, and hover over links before clicking on them. When using e-mail, think twice before clicking on any kind of link or attachment. Avoid any attachments with file names that end with the letters .exe – that’s a big red flag. Check your browser’s security settings. Consider using browser extensions — such as AdBlock Plus and HTTPS Everywhere — to make your web surfing experience safer and more secure.
3. Be careful. How did my computer get infected in the first place? I believe it was one of two ways. Moments before my files were encrypted, I had opened a press release that was attached to an e-mail. It’s possible that attachment was infected. Around the same time, I was also doing research online, and using Google to try to find a copy of an old magazine article. I clicked on one of the search results, thinking it was a reputable source (the preview blurb contained text from the article I was looking for), but it turned out to be a strange website that I had never heard of, and the magazine article was nowhere to be found. I tried closing the browser window, but it reacted sluggishly. In retrospect, I think the malware originated from that site. I may have been the victim of what’s known as a “drive-by download” and the ransomware installed itself on my computer during that brief visit to the sketchy website.
4. Don’t beat yourself up. Ransomware scams are on the rise, and even well-known organizations have proven they’re not immune to this type of cybercrime. Police departments, governments, and hospitals have all been targeted by ransomware lately, and have had to pay ransoms to recover their files. If you’re the unlucky victim of a ransomware virus, take a deep breath — you’re in good company. You were the victim of a crime, and you should report it to the FBI’s Internet Crime Complaint Center (www.IC3.gov).
5. Speaking of ransoms: Don’t pay the bad guys. When I told the Globe’s IT department what happened to my computer, they took it in to be rebuilt. I lost everything and had to start with a clean slate (er, desktop). There was never any chance that the Globe would pay the ransom, and I never expected that. I would never pay a dime to a cybercriminal. Not only is it a matter of pride, it’s risky because you could become a mark for future attacks. So don’t pay the bad guys. It only encourages them to keep doing what they’re doing.
Emily Sweeney can be reached at email@example.com.