My Mac was held for ransom. I panicked. God, did I panic. Then I realized that if I close my MacBook and reopen it with command T, I would open my Mac to the previous session. It worked. No pay. No ransom. And I'm not even tech-oriented.
34
I clone my C: hard drive on a monthly basis, and all data files are backed up externally as well. If I were struck by a ransomware threat, I'd simply restore my hard drive and be back in business. If they did it again, rinse and repeat.
45
@DBA I wish more people & organizations had the same mentality as you.
3
@DBA unless of course that piece of malware is on your C: drive
8
@DBA Provided you didn't back up the ransomware when you cloned your hard drive. The problem with a lot of these malwares is you don't know when you were infected.
13
It's not the FBI's job to advise people how to make their data more secure, any more than it is the FBI's job to recommend specific locks, security cameras or burglar alarms. The real culprit here, if there is one, is capitalism. In a search for ransomware fixes on Google you will get lots of companies offering to sell you ransomware fixes. No More Ransom does not show up until the fifth page of the search results.
48
@Jay Orchard What about "to provide for the common good" and "to protect and serve?" I believe that this falls under both those mandates.
58
@Jay Orchard Perhaps google can make an even bigger impact than the FBI by placing "No More Ransom" at the top of the results. But they wont...
35
@Anita
That motto does not entitle you to have an FBI agent come to your house or place of business and make security recommendations.
4
If you are a government agency or a business, you should not be using Windows for anything but a colorful front end terminal. There are serious operating systems designed for production business environments. That, and daily automated backups, will keep you secure. Yes, it will cost money, but you're not a home user with old emails and pictures of your vacation.
38
Once there is no purpose to paying ransom, this scam will go out of fashion. I hope the FBI follows through. It makes sense.
1
Should be a no-brainer. But for this administration, nothing is a no-brainer. Good resource to know about.
1
Microsoft is a child's toy.
1
How touching that someone out there believes the Feebs can actually solve anything.
1
About a decade ago, I was hired for a research gig that involved analyzing lots of individuals' personal data.
I was hired because I was willing to abandon Windows and other MS-based programming. The reason? Security. Malware was popping up all over.
I moved to Ubuntu quickly. Then I dug into Linux. And now I'm at home with the software and can tweak programs etc. I'm not an expert but I don't need to be.
Rather than paying g-zillions in insurance premiums against hacking and theft, why not spend a fair amount of time and some money getting out of the Windows Trap?
And, yes, Unix/Linux and other open source systems can be hacked but it's a great deal less likely/harder because the programming can be deliberately made to have unpredictable features that block invaders in practice.
Real security requires real effort -- laziness enhances insecurity.
1
Three-letter spy agencies, particularly the NSA, are conflicted about people protecting their computers because they stockpile various exploits for use, hoping that bad guys won't gain the same knowledge or that the exploits won't be stolen. But if the worst happens, then they just say nothing.
1
I think the law enforcement needs to also disrupt the payment process by blocking any sites that enable the collection of ransomware payments and work with other governments to seize any assets, including crypto assets, that have been obtained from the funds sent to ransomware addresses.
2
Thank you for the information, but is it too much to ask that the New York Times use correct grammar in a headline?!
'They Stole Your Files. You Don't Have to Pay the Ransom.'
or
'They Stole Your Files--You Don't Have to Pay the Ransom.'
or even
'They Stole Your Files; you Don't Have to Pay the Ransom.'
5
I recall when some poor guy found a pre-release test prototype of an iPhone that an Apple engineer accidentally left in a restaurant. He called Apple to try to return it, but, true to Apple’s paranoid and secretive form, he got nowhere.
Some hours later the police kicked down his door to retrieve the phone. Imagine, if you will, the unnecessarily over-the-top SWAT tactics probably used.
The moral of the story is this- the American police don’t exist to help you and me. They exist to serve corporate interests and make sure people dont get too far out of line.
What does the NSA do? Monitor our emails, our phone calls, and “protect” us.
“Protect” us by producing many of the exact weapons that are now being used against average citizens- you may recall when the NSA was hacked and its cyber weapons stolen.
And let’s not forget the effort our government puts into weakening the cryptography that can help protect us. From the clipper chip to those very “safe” back doors that law enforcement keeps insisting we need to include in our devices.
European governments still seem to believe that the government exists to serve the people.
It’s a nice model, one I wish we Americans had.
7
As a recent victim of just such an attack (and one who paid the ransom, concluding he had no reasonable alternative), I'm really grateful to the Times for publishing this piece. Had I known then what I know now....
Anyway, NYTimes has just earned my continuing subscription.
3
Far be it from me that I suggest that governments do any thing underhanded, criminal or extrajudicial but I think it might go a long way toward making these hackers and thieves think twice if the worlds intelligence agencies were to start tracking them down disappearing or outright killing them.
1
Did I just walk into a Glenn Ford movie?
Thank you for taking the time to write this article - I did not know the existence of those wonderful European tool sets to counteract these dangerous attacks on our data.
3
Virus phobia and ransomware subsidize the like of John McAfee and other paranoid parasites of the internet.
2
Encryption/decryption via current algorithms (RSA) will become a moot point in a few years for large institutions.
Perhaps an entrepreneur can start a company where for a tiny fee, the small guy can send his ransomware files to be decrypted.
https://quantumcomputingreport.com/our-take/applying-moores-law-to-quantum-qubits/
...snip ...
4. Finally, the number of logical qubits needed to factor a 2048 bit number in order to break RSA encryption with a 2048 bit key. This is estimated to take at least 4000 qubits, but could be more depending upon the algorithm used.
...snip ...
For example, we estimate that a quantum computer with 4000 physical qubits will be built by 2023. If those qubits were perfect and required no error correction (i.e. a 1:1 logical to physical ratio) then the 2048 bit number could be factored as early as 2023.
and consider this a national risk and ask the intelligence agencies to take physical action against the source of these crimes. They can send cruise missiles anywhere. Same with people who steal your identity,
1
Patches sometimes mandate upgrades and upgrades cost money. Plus, upgrades can mean having to replace/update hardware which is even more expensive. Patches sometimes break old software that sometimes isn’t made anymore or, again, cost money to upgrade. Upgrades often mean having to replace/update hardware. Upgrades can also mean re-training staff which costs even more money. Lots of new software has gone to subscription-based payment so that too is another reason some businesses/gov don’t want to upgrade; they want to keep using the old software that is already bought and paid for.
Finally, everyone wants less cost, more efficiency, most budgets are all under pressure to do more with less and less.
The forces that create a situation where ransomware is possible are also creating bridges that collapse, highways, airports and other public facilities in desperate need of repair. No elected official wants to create a program to upkeep all this stuff, so it’s pushed to the next administration. Everything is breaking down; everything is in need of repair.
Its not limited to computers, network wiring, and the various software that runs on it.
6
Silence from FBI is not "baffling."
Incompetence and ineffectiveness are FBI hallmarks.
2
What this suggests is that instead of protecting us, our government, the FBI in particular, is supporting the criminal enterprises, especially disgusting since as you note, the FBI was initially telling victims to pay the ransomware. Now they tell victims to spend hundreds of thousands of dollars or more to reinstate their data.
2
Kindergarten lesson # 1: never leave things lying around that you can't afford to lose.
4
One part of this problem is government/business entities who don't want to spend the money to upgrade their computer systems and security. Insurers may soon help solve this by refusing to pay ransom claims if a policyholder has not kept their security systems up to date, or setting minimum security/systems requirements as a condition to coverage.
90
@Pat
When I initially looked at the "partners" page of NoMoreRansom, it appeared that no American law enforcement agencies were involved.
However, it does list the National Cyber Forensics & Training Alliance (NCFTA) which is a partnership between the FBI, Secret Service, US Postal Investigative Service and cybersecurity industry partners.
https://www.nomoreransom.org/en/partners.html
So I'm not sure it's accurate to say that American law enforcement agencies are not engaged here, but I agree it would be nice if the major law enforcement agencies themselves lent a bit more to this initiative.
3
@Dave Melnick
I said nothing about American law enforcement agencies.
1
Ms. Wolff's advice is well taken, but to me points to the pressing need to make cryptocurrencies illegal. They are a lynch pin to the "business model" described and enable a host of other criminal activities: drug dealing, money laundering, income tax evasion, etc. It is time to outlaw cryptocurrencies.
109
@Tad Ornstein . Thanks, Tad. Cryptocurrencies are perhaps the most dangerous financial invention ever. In addition to all the awful things you mention, the "mining" of cryptocurrencies is a massive user of electricity.
The thing we should fear most, however, is the embedding of cryptocurrencies into financial derivatives. The bubble and resulting pop could knock out the world's economies.
18
@Tad Ornstein Cryptocurrency is just a spreadsheet that a bunch of people shared. That's difficult, if not impossible to outlaw. Criminal usage and volatility already do much to discourage people from putting money into it.
2
@Tad Ornstein
Tad,
You miss the point. Like many MANY targets, I have been bombarded with foreign accents purporting to be IRS agents ready to break down your door with no less than the local sheriffs' support. All they want is for the victim to create a Walmart cash card in their account number or name.
Cryptocurrencies just make it much harder to trace. Outlawing one form of currency may throw a curve to the scam, but it will NOT stop it.
1
Thanks for the link to the No More Ransom initiative's website. There are some really useful tips to help minimize the risk of infection.
That the FBI isn't joining with its European counterparts, is yet another example of why "America First' may wind up placing us last.
241
So how do these tools work, anyway? Are they like a bunch of private keys that people have found are commonly used by the ransomware programs?
Recommending software to assist victims of ransomware sounds like a job for the FTC's Bureau of Consumer Protection, not the FBI. I'll pass along this helpful info to them. No need to thank me. It's my pleasure
4
"coordinated global regulation of cryptocurrencies". Someone has a problem with that?
2
Why can't the US government help out their citizens with cybercrime? Because they don't want to allocate funds to pay for the resources.
Has anyone had a look at the governments websites lately? They're lost back in the early 2000's. Interfaces that just plain don't work, don't display correctly on modern browsers or mobile devices, search functions that require users to employ boolean search connectors...etc. The FDA has a decent site but that's about it.
Just unacceptable for a modern democracy. Oh wait...
20
It could be that because of the U.S. software developers' arrogance and feeling of omnipotence when it comes to working with non-domestic software developers ... "not invented here" ... the U.S. is denying its citizens what could spell the end of most ransomware.
It is that attitude, plus the greed of the corporations responsible for most software, that prevents the expenditure of time and money to help the global community contain or prevent or reverse the ransomware attacks. Improperly prepared, greedy and ignorant people are allowing these attacks.
4
The Chinese want Boeing's secrets. The Russians and the other former SSRs want your bank account. Besides weaponry and Stoli vodka, there is virtually nothing that they produce that you want. My guess is that about 2-3% of their GDP is money stolen from the west.
6
@weniwidiwici
True of Russia but not so true of China. If the Chinese make a cheap product these days, it's because they are deliberately aiming at a low end market - but they've got the capability for quality manufacturing and when they exercise it they are able to turn out product that matches American quality or, increasingly often, beats us on quality as well as price.
The sectors where we have a real edge in capability, like aircraft, seem to be getting pretty few lately.
Russian consumer goods, on the other hand, mostly can't do quality whether or not they try.
8
Many people believe that encryption can always be broken by somebody smart enough, like NSA. This has been false since 1978 when "public key cryptography" became widely known. Google that phrase. The NSA went nuts, because their smarts and big computers were suddenly not enough.
Your computer already uses these methods constantly. The internet wouldn't be useful without them.
Of course, some criminals are stupid, or only interested in low-hanging fruit and will use bad methods. But to suggest that the "good guys" have some secret capability is horsehocky.
1
That's what I was thinking, like the cyber criminals aren't coming up with their own large prime numbers or something? They just keep using the same private keys?
Back everything up in the cloud .... reformat computer and download your stuff
Pretty basic
2
@alec
Anything that you can do sitting at your computer can be done by a malicious program running on your computer.
If your computer can automatically access your cloud storage, some ransomware programs will try to discover how and will encrypt or delete that too.
Important stuff should be backed up to a place your computer can't get to. I also use a cheap external drive. Many corporations encrypt their backups and only store decryption keys on special hardware devices.
4
It does bring up an issue with law enforcement across the US in general. They are focused on justice and prosecutions, not how to protect and serve if it doesn't involve arresting and prosecuting someone.
We have accepted this for far too long. Justice after a crime is the least government can do. It is the lowest bar, and we don't even get that sometimes.
Since these cyber criminals all live outside of the country and beyond extradition, the FBI doesn't get its arrest or prosecution, so they have little interest.
European governments are more responsive to the needs of their citizens because they are democratically elected. We need democracy in the USA. Rule by who has the most money is not democracy.
51
The CIA/NSA should help. After all, the hackers are just using their toolkit (which got released to the public).
2
Law enforcement should be involved but backups are a sure way to have a clean copy to fix the problem for free. Every time I have had a problem with my computer or phone, one of the first questions is, "Are you backed up in case we have to erase your drive?" Yes to both and that is every single day.
The US used to have a policy of not paying ransom to kidnappers which made Americans very unattractive victims when tourists were being kidnapped in Africa. The current president broke that rule when he paid his dear friend, Kim Jung Un, a million dollars to free someone who had broken the law in North Korea. Paying ransom is an invitation to hold someone or something hostage. Our government has a miserable record in keeping Americans safe from scammers. How many of us can't answer our phones without hearing some offer to lighten our bank accounts? We can protect ourselves by following our computers' and phones' instructions to have a reliable backup. It is actually very simple.
12
@S.L. unless of course a spy is captured then we will release one we have captured to get ours back
A few words of advice to my fellow Times readers:
> Create an Auto-forward function on your primary email linking a second email account.
> Create an email or emails in your second account that you can retrive easily with sensitive information/data etc.
Bonus Tip > switch your cell phone to an area code where you dont live. Then when you get robocalls from that area code, you can ignore them.
17
@deano
If I switch my cell phone to an area code where I don't live, how will my neighbors reach me?
@GHthree, Most people use cell phones now so if all of your contacts also use cell phones, it's not a concern.
I live in 267 area code in Pennsylvania, but my cell code is 408 from when I lived in the Bay Area 20 years ago.
Unfortunately most of the data, about me, is completely out of my control. It's the government, businesses I patronize, my doctors, the government, my broadband company, my bank, my investment firm, and others, like google, who hold my info, while I am pretty much unable to give or withhold consent. I don't keep ANYTHING on my computer, and I don't have a smart phone. So the entities, mentioned above, should double (TRIPLE) down on THEIR security, and take responsibility when they inevitably get hacked. They never do; they just offer worthless apologies, after the act.
9
If insurers are reimbursing customers for ransomware payments, why aren't they getting involved in efforts to recover the encrypted files, at least to the extent of using freely available tools, before their clients pay the bad guys? If our law enforcement agencies aren't interested in addressing this crime, you'd think insurers would be adequately motivated to stem the costs.
11
@Tim Straayer every payout that gets press brings in more customers and allows them to charge more..very soon they will be marketing to everyone on tv
Assuming you are willing to try one of these approaches, how would you even get to them if it's one of those situations where you CAN'T use your computer.....it's "locked" in place unless you call the telephone number on screen and follow instructions, etc., etc.
3
@Dot
Your PC is generally never fully locked that way... this is generally just a webpage that looks official, squaks and makes noise, and is hard to close because of header-reloads in the code...
Do this...
Control-Alt-Delete -- then enter Task Manager -- then End Task on your browser... now right click on your browser link and reload the browser with "open new window".
Usually when you just reopen your browser it reloads the last pages that were open when you closed the browser, and this can loop your offending website... skip this by opening a new window.
The vast majority of what home users experience is this type of browser attack... not the viral attack that these companies are experiencing.
1
@J Thanks, J. I am familiar with this solution but since sometimes it doesn't work altogether smoothly, I did not attempt to detail it here. Perhaps I should have....but there have been times when it just about defeated me. HOWEVER, I do hope this provides a good starting point for some readers. It is always at least a bit scary. YOU DEFINITELY ADDED A BIT OF INFORMATION THAT I WAS NOT FAMILIAR WITH, I.E. RE-OPENING BROWSER. TKS!
1
What's maddening is they already have a terrific venue to do this - the National Cyber Forensic Training Alliance - a public / private / academia collaboration on cyber crime and attacks: https://www.ncfta.net/
6
There is probably a certain amount of admiration within the american government, as within the community at large, for ransomware. American capitalist ideology accepts lying, cheating and stealing as fundamental strategies for accumulating wealth.
23
@HT
Well, at least the one who knows more than the generals sure accepts it.
1
I've been told that European airports have more efficient and more effective security that US airports, and have for the entire 911 era. Now we learn that Europe is leading the charge against ransomware attacks.
What else is Europe doing that the US should learn about and participate in?
Churchill is credited with a caustic line that too often sums up American attitudes regarding cooperation and learning from our allies: "You can always count on the Americans to do the right thing....after they've tried everything else."
Of course, if Churchill had had his way, D-Day might have happened in Yugoslavia.
13
@Steve Feldmann
"What else is Europe doing that the US should learn about and participate in?"
I think just about everything. Our government and our culture are currently walking backwards with their eyes closed on just about every significant modern issue. It is tragic how strong the cultural backlash against progress has been.
43
@Steve Feldmann
(Warning: Sarcasm Ahead- still true): We are #1! No one anywhere can possibly have better ideas, etc., than us. It is also the creed of our leadership, as Trump clearly stated: "I alone can fix it!"
9
@Steve Feldmann
"What else is Europe doing that the US should learn about and participate in?"
Socialized medicine
There is probably a bigger list but I don't watch Fox News so I am not up to date on all of the evils from Europe we should avoid
18
Maybe we should do it the way everything else is done in government. Make a regulation that requires companies to backup all data so at to not fall victim to ransomware, and hire a few thousand regulatory compliance agents to ensure that companies backup their data or fine them.
The problem though might be that congress might not fund them adequately to ensure compliance among companies.
5
I constantly receive calls from crooks pretending to be from Microsoft, the social security administration, income tax. I called the Local FBI office several years ago and was told that they do not deal with this issue.
44
@Michael Just ask them for their phone number and tell them that you'll call them back.
3
@Michael
I called the Sarasota FL office of the FBI several years ago regarding an East European war criminal hiding in FL and they said they weren't interested and then asked if he was a boyfriend with whom I had fallen out.
3
Thank you, Prof. Wolff! You may have saved countless people from anguish and the loss of precious data and memories.
7
Anybody in charge of an important computer system who doesn't keep the software updated and also perform regular back-ups should be considered negligent, at the very least, and possibly criminally liable.
I run a small, one-person business and I back up my data frequently (when my computer is disconnected from the internet to avoid spyware/randsomware arriving just when I'm backing up).
Important files are backed up almost daily.
And as importantly, some back-ups are kept off-site in case of fire or burglary.
70
@Shaun Eli Breidbart Don't just backup, test those backups to make sure they are good. I've worked with companies who have backed up for years only to find when they restore there is something wrong with the files, or they're missing important areas.
13
Yes, that is the way government SHOULD work. It's unfortunate that I can 'hear' some of our policy makers and officials stupidly saying "we'll come up with an AMERICAN solution!" to cheers of "USA! USA!" while nothing gets accomplished instead of building on what's already available and cooperating with other governments.
OR, insisting on a 'private sector' solution - we can see how well that has worked in the pharma industry, or self-regulation in the airline industry, finance, environmental area etc.
12
@Me Yes, the "Not invented here" syndromes strikes again. Good Grief. Why we in the US often refuse to learn from others is astonishing.
2
The free No More Ransom tools that Dr. Wolff touts sound great at first. But then, in the only concrete example she provides, she tell us that they only managed to "decrypt Ryuk malware . . . in 3 percent to 5 percent of the cases." Is that success rate typical? She doesn't say. Actually, I'd call it a failure rate of 95 to 97 percent.
8
@gtodon: True, not a great success rate, but still worth trying before shelling out any money. And maybe with encouragement we can learn to do better.
6
And unfortunately it will just be a matter of time before the hackers figure out how to upload their own infected programs to No More Ransom’s web-site.
5
This is far too sensible for a government led by a computer-illiterate reality show president who encourages hacking of our elections by hostile foreign powers and thinks cybersecurity will hurt his re-election bid.
23
PUBLICIZE THIS.
With explicit directions and possibly several anecdotes/ examples.
1
Relevant, important information. Thanks!
2
The current administration is too busy playing golf and tweeting insults to care about the little persons who run into trouble. Cities? The White House has written off half of US cities for political reasons.
The FBI could help, but it won't without better leadership in Congress and the White House.
19
The vast majority of ransomware attacks could be deflected by simply downloading and installing a freely available Windows patch - one that has been available for over a year now.
The fact that these large municipalities and hospitals and the like have simply been too lazy or ignorant to do so is the real crime here.
The idea that large organizations with professional IT staff need to be 'marketed' a freely available solution if they are derelict in keeping their systems updated is equally bizarre. What in the world do their IT teams do for a living?
30
@SteveRR - I recall reading, perhaps even here in The Times, that hospitals are loath to do upgrades because upgrades often break things, and they need stability to properly serve their patients. Of course a ransomware attack is much worse!
I think the most important thing to do is to always have recent backups _offline_. I have two backup drives and only have one physically connected at any given time. Having backups offsite is also helpful, of course.
5
@SteveRR
If the patch has been available for a year, why do we have to download it? Shouldn't it be part of the routine upgrades that are done almost weekly?
I'm no geek, but what am I missing?
3
@Betaneptune
Yes, upgrades can break things. About a year ago I did a "routine" monthly Windows update on a laptop. The end result: HD had to be wiped and completely re-done.
That is not an excuse not to update, just pointing out problem can occur.
Also, you backup should never be connected to the primary all the time. Otherwise ransomware will find it and encrypt it also.
2
@JeffK
Your US credit card does have a pin. It was either sent to when you first received your card or you may have opted out of it.
The reason you may not know this is because, in most cases, customers do not opt for a pin. Also, your credit card is protected against fraud by the card issuer and federal law while a debit card is likely not. Just ask for a pin from your credit card issuer. When you make a purchase, select debit and you will be asked to enter your pin. Selecting debit or credit at the Point of Sale device does not determine whether the card is debit or credit.
By the way, why in the world are you using your credit card for a cash advance at an ATM? You are effectively taking a loan with outrageous interest.
8
The folks in Washington D.C. haven’t gotten the memo that the new battlefield is found on the Internet. The minions that provide armaments to the old school battlefield have intercepted all the memos in order to maintain status quo. Clues about what is happening outside of D.C. have no meaning to those folks, unless they are written on the backs of $100 dollar bills.
3
Question: are online backups (Google Drive, OneDrive, etc.) adequate protection against a ransomware attack, or if they’re mounted to the local device can they also be compromised by the attack?
5
@ChrisMas Anything that's mounted at the time is at risk - local storage, removable drives, and cloud storage alike.
1
@ChrisMas In short, no. Anything connected to the computer that has ransomware is vulnerable. True cloud backups should be encrypted and not connected unless you need to restore them.
3
Or local governments and small companies could spend a little cash on IT services to keep up with vulnerability patching.
2
In the USA someone's misfortune is another person's payday.
Don't expect the government to help these crime victims -- especially the poor ones -- if it means frustrating the efforts of profiteers to sell a service that will unlock affected computers.
They'll get you coming and going. It's the unwritten rule of US life.
25
@Allen
Esp. now. Look who's in charge.
6
Even if individuals may not be versed in available decryption technology, it is hard to believe that insurance companies would not be aware of all available options. Cities or municipalities would presumably be covered by insurance which raises questions about why these folks are paying the ransom.
18
The way it would work in America is that the biggest contributors to the GOP would be in the front of the line for help, and everyone else would go nowhere. And the US Government would fund it all.
9
This is a sensible, sound, commonsense solution to a difficult and expensive problem. Unfortunately, this almost guarantees that it will not be adopted by our government.
Perhaps a better approach would be to give our patriotic American corporations a financial incentive to tackle the problem. We ought to encourage a private market solution, instead of going down the Euro-socialist road. No doubt this would end up being more expensive than just paying the ransom, but at least the money would stay in the American economy, fertilizing a whole ecosystem of insurance companies, second-string but politically connected computer consultants, lobbyists, sales and marketing pros, , banks, investment firms, politicians, etc. It could be a growth opportunity as big as the private prison industry, if properly handled.
11
@Eric The so-called "Euro-socialist road" has already been traveled, and it provides a solution for many ransomware victims. Why would our government not acknowledge its existence? Just because it's (gasp!) government-sponsored? If the private sector is so efficient, let it compete on an even playing field. Or even let our government (gasp!) fund a private-sector initiative to compete with what the Europeans have already done?
38
@Rich Agreed. We all know how well the "private prison industry" is doing...for society, I mean, not for the actual companies.
10
@Eric, I get it.
4
All my personal files are backed up into the google drive cloud. The files I use and update more frequently, I attach to an email and save in a Draft folder.
2
@RonRich
How do you get around the 25 MB attachment limit?
@catlover
Multiple emails...Subject: filename
Can't be carrying a physical backup around, but removing and attaching latest file to Draft email is easy.
Not just malware insurance, but loss of laptop (for whatever reason) too.
1
The US is behind much of the civilized world in many security areas. For example, in Canada and Europe, credit cards are protected by PINs in addition to chips. We found when we recently went to Canada that our credit cards did not work at ATMs, kiosks, etc. and we had to go through a manual process. We should be leaders, not followers in this technology.
126
@jeffk - I you have a chip card, many US banks will give you a PIN if you ask for one.
1
@jeffk
Increasingly in the industrialized world, it's more like "America last."
Sigh.
9
@jeffk Some are—I belong to a US credit union and their credit card uses a PIN.
4
What is missing though is the other half of the equation: how many people were not helped or not successful with the No More Ransom tools, as opposed to those who were.
4
@Joshua Schwartz
As a first estimate I'd say that everybody who didn't know about the "nomoreransom" tools and therefore didn't even try using them were not helped.
Hence the recommendation to publicize the site.
7