Friday, June 5, 2015

THE RANSOMWARE THREAT

Cybercrime has reached a new level.   

Imagine cybercriminals holding your files for ransom. It sounds like something out of a movie set in the distant future, but business owners and households are facing such a threat today.

Hackers are now using ransomware to hijack computers and hold files hostage in exchange for payment. Malware programs like CryptoWall, CryptoLocker and CoinVault spring into action when you unsuspectingly click on a link in an email, encrypting all of the data on your hard drive in seconds. A "ransom note" appears telling you that you need to pay $500 (or more) to access your files again. If you fail to pay soon, they will be destroyed.[1]

Worldwide, more than a million computer users have been threatened by ransomware - individuals, small businesses, even a county sheriff's department in Tennessee. The initial version of CryptoLocker alone victimized 500,000 users, generating more than $3 million in payments along the way.[2,3]

The earliest ransomware demanded payments via prepaid debit cards, but hackers now prefer payment in bitcoin, even though few households or businesses have bitcoin wallets. (The emergence of bitcoin effectively aided the rise of ransomware; keeping the payment in virtual currency is a hacker's dream.)[2,3]

If your files are held hostage, should you pay the ransom? The Department of Homeland Security and most computer security analysts say no, because it may be pointless. By the time you get the note, your files may already be destroyed - that is, encrypted so deeply that you will never be able to read them again.

Some people do pay a ransom and get their data back. As for prosecuting the crooks, that is a tall order. Much of this malware is launched overseas using Tor, an anonymous online network. That makes it difficult to discern who the victim is as well as the attacker - if one of your workers thoughtlessly clicks on a ransomware link, you cannot find, scold or even help that employee any more than you could locate the hacker behind the extortion.[3]

How do you guard against a ransomware attack? No one is absolutely immune from this, but there are some precautions you should take.

First, back up your data frequently - and make sure that the storage volumes are not connected to your computer(s). Cloud storage or a flash drive that always stays in one of your computer's USB ports is inadequate. If you back up your files regularly enough, weathering a ransomware attack becomes easier.[3]

Keep your anti-virus software renewed and up to date. Those alerts you receive about the latest updates? Heed them.

Never click on a mysterious link or attachment. This is common knowledge, but bears repeating - because even after years of warnings, enough people still click on mysterious links and attachments to keep malware profitable.

Ransomware is a kind of cyberterrorism. This is why the Department of Homeland Security issues warnings about it. When you deal with terrorists, playing hardball has its virtues. As Symantec Security Response director Kevin Haley told NBC News: "If none of us paid the ransom, these guys would go out of business."[2]

Citations.
1 - rackspace.com/blog/dont-be-held-hostage-by-ransomware-hackers/ [1/15/15]
2 - nbcnews.com/nightly-news/security-experts-you-should-never-pay-ransomware-hackers-n299511 [2/4/15]
3 - tinyurl.com/n3rcrsm [12/8/14]

Sincerely,
Bill Morrissey, CFP® and Tammy Prouty, CFP®
Sound Financial Planning, Inc.

WE WOULD LIKE TO CREDIT THIS ARTICLE'S CONTENT TO MARKETING PRO INC.