Ransomware: Prevent your computer from being infected

Ransomware locks up a victim's files until money is paid. Here's how to protect your data and avoid an attack on your computer network

Last Updated May 5, 2019 7:36 PM EDT

The cities of Newark, Atlanta, and Sarasota have been hit. So have Cleveland's airport and San Francisco's transit authority. When the cyberattack targeted Leeds, Alabama, its mayor had no access to email, personnel files, or financial systems.

This week on "60 Minutes," correspondent Scott Pelley reports on the growing cyber threat called ransomware, a type of malware that locks up a victim's files and denies access to a computer system until money is paid with a digital currency that is hard to trace. While Pelley's report focuses on the effects of ransomware, the experts he spoke with said most attacks can be prevented.

Practice "cyber hygiene"

The FBI's Mike Christman recently ran the bureau's cybercrime unit. He gave Pelley tips on preventing a ransomware attack:

  • Use two-factor authentication. Two-factor, or dual-factor, authentication adds a layer of security to online accounts by requiring two ways of proving your identity. One common form of two-factor authentication is entering a password, then receiving a one-time numerical code via text message.

  • Back up your data offline. Use an external hard drive to secure important information.

  • Use internal firewalls on your network. That way, if a malicious actor accesses your computer, he cannot move laterally through the network and lock up the entire system. Experts liken it to preventing one person's case of the flu from turning into an epidemic.

  • Regularly update your password. Cyber criminals looking to hack into a system sometimes purchase stolen passwords on the dark web.

  • Remote access creates an additional set of vulnerabilities. Understand the risks, including the possibility of stolen passwords, and how to prevent them when allowing employees or IT staff remote access to networks.

Beware the phishing email

The most common type of ransomware attack starts with a phishing email, which tries to get users to open an attachment or click on a link. The attachment or link then installs ransomware.

Tom Pace is a vice president at BlackBerry Cylance, a leading cybersecurity firm. He spoke with 60 Minutes producer Henry Schuster about how to identify phishing emails, saying to look for these signs:

  • Misspelled words

  • Strange word choices

  • Odd links, especially from someone who wouldn't usually send a link

  • Unusual attachments, especially a zip file or a .exe file

Pace said to be aware of where the email is coming from, and if it appears to be coming from a friend, call the person and ask if they sent an attachment before you open it.

Always update your computer's software

Pace told 60 Minutes that, when your computer tells you to update software, do it. It's called patching.

Over time, hackers find vulnerabilities within software, such as operating systems, Adobe Reader, and Microsoft Word. Vendors eventually patch those systems with regular updates—so you need to update as well.

"Be prepared"

Last year, a ransomware attack shut down the computer systems at Indiana's Hancock Regional Hospital. The entire network was held hostage until the hospital paid a $55,000 ransom. Its CEO, Steve Long, now warns others about the threat of ransomware.

"Fundamentally good organizational dynamics are what you need," Long told 60 Minutes. "So the things you're trying to do anyway, that's what's going to help you get through this."

The video above was edited by Will Croxton.