Recently, a new strain of ransomware named 7ev3n was seen in the wild that is more nefarious and, frankly, more stupid than previous versions of this now popular criminal enterprise.
As reported by David Bisson, this ransomware not only demands 13 Bitcoins for the key to restore the encrypted files, but it also damages your Windows installation.
The stupidity of the ransomware is in its pricing. At the time of this writing, 13 Bitcoins would cost an unfortunate victim more than $4,900. Many folks do not have that kind of money to pay in the hope that they will actually recover the encrypted data. In pure economic terms, the ransomware authors may have overpriced their product.
The other problem with this ransomware is its destructive nature. While it is possible to fix the damage it does to a Windows Operating System if you are technically inclined, most folks are generally uncomfortable navigating into the operating system with instructions about deleting files.
Even some of the commercially available removal tools involve opening a command prompt, which is sure to make a person wonder if they are not doing more damage.
So, what is a user to do to protect the data as well as the operating system?
As always, good data backups are a must. The best way to achieve reliable backups is to use at least two different backup mediums. For example, put one set of backups on a secure cloud storage platform, and another set on a removable disk that you have in your possession.
A PC Magazine review indicates that most cloud storage solutions cost no more than $60 each year for more than enough storage to cope with most people’s needs. An external hard drive with three terabytes of storage costs around $100, and many of the external drives come with built-in backup utilities.
To protect your operating system, you can use cloning or imaging software which makes a bit-by-bit copy of the entire drive; programs, data, and all. There are cloud storage offerings for this type of service as well. The only time you would need to make a new image is when you add new programs to your computer.
The only caveat is that you must only connect to your cloud backup and external devices when you are performing your backup and cloning operations. Ransomware has the ability to reach into all your connected storage, so disconnect it when you are not using it.
Let’s review the economics of this:
New, nasty ransomware that not only encrypts your data but damages your Windows system:
- $ 4,900 in Bitcoins to pay for the decryption key.
- $ 100 (estimated) to pay someone to safely restore your Windows environment.
Total: $5,000 for a single encounter with the 7ev3n ransomware.
Personal data backups and operating system imaging:
- $60 Unlimited cloud storage (per year).
- $200 – 3Tb disk drives (1 for data and one for imaging your hard drive).
- $60 – personal disk cloning software
- $100 – Cloud disk cloning software (per year).
Total for 5 years using the most aggressive cost options (Personal backup and cloning as well as Cloud storage and cloning):
- $200 for the personal disk drives (the drives should last at least 5 years)
- $300 for the cloud storage ($60 per year).
- $300 for personal cloning software.
- $500 for cloud cloning software ($100 per year).
Grand total: $1,300 (or $21 per month).
Of course, you could be well-protected without using such aggressive options, which would reduce the costs.
At any cost, it is best to take your data and operating system backups into your own hands, rather than risking it to the hands of a ransomware criminal.
Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.