17 January 2020
Ransomware is one of the most significant threats facing individuals and businesses today!
Just look at some of the stats:
With ransomware rapidly growing and becoming increasingly sophisticated, Mac ransomware is also on the increase.
While the majority of ransomware attacks in 2019 were focused on high-value business targets - you could still become a victim.
That's why you need the best ransomware protection for your Mac, along with this two-pronged approach to ensuring the best security:
To begin with, what is ransomware, and how does it infect Mac computers?
Simply put, ransomware on Mac extorts individuals or businesses for financial gain.
Ransomware is a malware attack where perpetrators threaten to expose your online activity, publish personal data online, or encrypt files and deny access unless you pay a ransom.
Your files - or entire device - is held hostage until you pay the ransom and receive a decryption key.
Like other forms of malware, extortionists push ransomware to individual computers through:
Ransomware can quickly spread across a network, encrypting mapped and unmapped network drives. The result is one infected user bringing an entire organization to a halt, with massive implications depending on the type of organization attacked.
Ransoms start around $300-$500 for individuals, but amounts of $50,000-$400,000 - or more - are typical for businesses who have more to lose. Because of the impact on their services and clients, healthcare institutions are often targeted by ransomware.
Designed to prey on your fears, ransomware perpetrators want you to panic and pay the ransom before you've stopped and thought things through. That's why it's essential to follow these steps carefully:
While it's true that Mac computers are less likely to be attacked than Windows PCs, they are not any more resistant to malware attacks. In fact, the threat of Mac malware increased by 60% in just the last quarter of 2018.
While adware is the most popular form of malware, ransomware is the most stressful and frustrating once it's infected your Mac. That's why you need an excellent anti-ransomware for Mac strategy.
Although relatively few compared to Windows, there have been several examples of ransomware affecting Macs, along with their derivatives which continue to appear in various forms. These include:
While cybercriminals will continue to create and launch new forms of ransomware, it’s comforting to know that scary Windows ransomware like WannaCry cannot infect your Mac.
A screen will pop up on your Mac, announcing that your files are being held hostage until you pay a ransom. The display will state how much you need to pay, methods of payment, and by when the ransom be paid. It may also say what will happen if you do not pay within the required time.
First of all, stay calm and don't panic.
Don't be in a rush to pay the ransom until you've thought things through and done your research, including rereading this article and contacting MacUpdate Support. We’ll do our best to help resolve the situation and recover your data.
Forums that you may want to visit should include the following:
Once that's done, follow these steps:
Isolate the infected device: Disconnect all infected machines from the network, irrespective of the operating system, to keep the ransomware from spreading. At the same time, disconnect all other devices from your network, including:
Identify the ransomware: Knowing the strain of ransomware infecting your computer makes it easier for you to find a solution. The ransomware could be one of the following general variants:
To identify the type of ransomware and download a decryption solution, visit Crypto Sheriff provided by Europol's European Cybercrime Center. If the tool recognizes the ransomware based on your input or file upload, it provides a link to the decryption program.
Remove the ransomware: Once you know what type of ransomware you're dealing with, you can begin to deal with it one of the following ways:
Recover the encrypted files: Removing the ransomware won't restore your data, so that's the next step. Here are two options based on how good you are at looking after your system:
Apple includes many safeguards against ransomware for Mac protection within macOS. These include:
For a full list of Apple's built-in security for macOS, see macOS Security: Overview for IT.
While the chance of you experiencing a ransomware attack is minimal, there's no harm in taking active measures to protect yourself by boosting your Mac security.
One tool you can use is RansomWhere?. A free app that runs in background mode, RansomWare? detects file encryption by identifying suspicious processes. Once identified, it halts the encryption process and notifies you of the threat. You choose whether to terminate the process or authorize it to run.
While some files may already have been encrypted before detection by RansomWare?, it should be minimal compared to what might have been.
What are your best choices? Here are the top three ransomware tools our readers recommend:
Offering protection against both new and existing threats, Norton for Mac provides advanced, multi-layered security. It incorporates sophisticated anti-malware, anti-phishing, anti-ransomware, and anti-virus features, along with a smart firewall to safeguard your information and privacy against malicious attacks.
Utilizing enterprise-grade endpoint protection technologies, Sophos for Mac blocks advanced cyberattacks, including exploits, malware, phishing, ransomware, and viruses. Easy to install and simple to use, the free version offers a 30-day trial of Sophos Home Premium which includes comprehensive ransomware protection.
Offering real-time protection through continuous monitoring executed in the background, Kaspersky Internet Security for Mac blocks cryptolockers, malware, and viruses before they infect your hard-drive. Both Kaspersky Internet Security and Kaspersky Total Security include protection against ransomware.
Once a ransomware notification appears on your screen, you have a decision to make: to pay or not to pay.
While you may want to sort the problem out as quickly as possible, we recommend that you NEVER negotiate or pay your attacker.
If you're inclined to ignore that advice, here are a couple of factors to consider:
By simply applying good security practices, you can protect yourself against ransomware:
Ransomware is an unwanted risk that can proactively be avoided. Protecting your Mac is relatively easy if you follow the steps outlined above.
If you do experience a ransomware attack, remember these two things:
However, the best thing to do is protect your Mac upfront.
Just follow our suggestions, and you'll be just fine.
Head of Community at MacUpdate
Marta Turnbull is a MacUpdate OG and has written about technology, marketing and brand creativity for over 10 years. She splits her time between Michigan and Ukraine.