Michael Abraham
Rafeal Stewart was by my office this morning to help me live safely in a dangerous Internet world.
Rafeal works for Gentoo Technologies, a Blacksburg company that provides IT (information technology) services to companies from Princeton to Salem and points between.
He was in to make a full system backup of my computer onto a spare hard disk. I realized that even if I backed up my files religiously and could restore them if needed, restoring all the software and configurations would be a nightmare if they were ever lost.
“We solve computer problems for businesses,” he told me.
The company was founded by Lee Talbot. Now, Lee, Russell Shock and Rafeal make up the entire staff, with contractors from time to time.
“Any issues a client has regarding computers or networks, we address. We see lots of malicious stuff online these days. A pop-up may say, ‘this is Microsoft. Call us at 800-whatever. You have a system error.’ Microsoft doesn’t accept customer calls. It’s to a fake company that wants your credit card. They tell you something is wrong and charge you a couple hundred dollars to fix it, even though nothing is broken. The fake IT scam is most common. You might be browsing the Internet. You’ll see a pop-up that takes over your browser. It instructs you to call a number for IT support. People can solve these themselves by closing the browser, often by going to the Ctrl-Alt-Delete task manager and forcing it closed. Many of our clients will call us anyway to help them fix it. Then we can run an anti-virus and anti-malware scan to make sure nothing bad has been left on the computer.”
Making news these days is ransomware. Malicious people will send a file attached to your email. When you open it, it infects your computer and locks it up, sealing away all your files, until you send them money as ransom to open it back to you. Once this happens, if you don’t have proper backups, you’d best have some butter and jelly (or a few Bitcoins), because you’re toast (as the expression goes).
I asked Rafeal how a user knows something is wrong.
“First, some warning will show up on the desktop,” he said. “It will take over your desktop. It will say you have until a certain time to send money in the form of Bitcoins to a certain location or the files will be encrypted forever. The money goes through what’s called a TOR browser, which is used by people to keep locations and browsing habits hidden and anonymous. Lots of nefarious activities go on there because it’s harder to track.
“Once you pay them, they send a key in the form of a stream of characters. That is supposed to unlock your computer and give you your files back. Sometimes they do and sometimes they don’t. And even if they do, there’s nothing to prevent them from doing it again.
“We suggest to our clients that they don’t pay them. It only keeps the scam going.”
He said the encryption was sophisticated, typically beyond what they could break. So generally these attacks were successful enough for the criminals to keep it going. A couple of months ago, a massive attack was unleashed, targeting mostly Taiwan, Russia and Ukraine.
But the National Health Service in the United Kingdom and global firms including FedEx were also under assault. Cyber-security experts have been working feverishly around the world to halt these attacks.
The malware took advantage of vulnerability in Microsoft’s Windows program. Microsoft quickly released a security patch, but unless users updated their systems, users were still vulnerable.
Rafeal thought the criminals often adjusted the ransom amount by the size and importance of the owner. When these attacks target health care organizations, their loss of data can lead to improper patient treatments and potentially even deaths. He said one of the more recent attack programs identified itself as “WannaCry,” because that’s what you want to do when you realize you’re a victim.
So what can you do?
“Backups!” Rafeal said. “Everybody should minimally keep a backup system operational that backs up all the files on his or her computer every day. That way if you do get infected by ransomware, you can restore your files. With your computer, we’ve done the additional step of making a duplicate hard disk. So if you are ever infected, we’d just put the spare hard disk in your computer, use your file backup system to restore your files, and you would be safe.
“We prefer all our customers do both these things. For most people, restoring operating systems, software, and configurations is as troublesome as restoring files. With a backup drive, that’s easy. Many people don’t even have the source CDs and would need to buy the software over again.
“(To protect yourself,) stay away from downloading files on your email system if you don’t know the source. Never open an executable file sent to you unless you requested it. The file name will be innocuous enough, but don’t be fooled. Keep your antivirus and anti-malware programs current.
“Above all, have a good back up and be prepared to restore your computer,” he shrugged.
Michael Abraham is a businessman and author. He was raised in Christiansburg and lives in Blacksburg.