Q: What is the best way to prepare for a ransomware attack? Are all your drives vulnerable? What about my OneDrive? What about other computers on my LAN at home?
For now, I have manually backed up all my critical data to a WD My Book USB drive. I then went into the Device manager and disabled it. I plan to do this about once a month. Do you have any other suggestions?
— Richard Hawes, Bothell
A: Timely questions!
First the bad news. Once a computer is infected with ransomware all drives to which it is connected — even those connected by network or the cloud — are potentially infected.
For those who aren’t familiar with ransomware, it is malware that, once it gets on a computer — either placed there by a hacker or unknowingly downloaded by a user — encrypts the data on connected drives. The ransomware program then provides instructions to the user for paying the ransom and promises to provide a key to unencrypt the data after the ransom is paid. Even if a ransom is paid, however, some victims have found themselves unable to regain access to their data.
Now the good news. Some cloud-storage providers offer plans that allow you to restore your data to an earlier date. In short, if you do get ransomware, once you’ve removed it from your computer you can restore your data as it was just before the ransomware infection. OneDrive Premium and OneDrive for Business offer this protection, though keep in mind that you can only go back 30 days, so don’t delay. These OneDrive plans will also scan for signs of ransomware and alert you if there’s suspicious activity.
Like you, I also manually back up my critical data to an external drive. The key thing here, though, is to disconnect that external drive after the backup. If it is connected to an infected computer it, too, can be encrypted by the ransomware. Just to play it safe, I’d physically disconnect that USB drive rather than just disabling it in software.
Q: I have an Asus laptop on which I am running the most recent version of Windows 10. Without warning, a few weeks ago I saw that my Malwarebytes Premium changed to the free version. It did not on my husband’s laptop.
We have tried at least a dozen times to get it to return to Premium. It does not accept the activation key. I get several error messages. One says the SSL is invalid, another says it is unable to contact the license server, check proxy settings or contact the system administrator for help. The third one says something about trying to get it to work through Internet Explorer. No luck with any of them.
I’m the only one on this laptop, so I am the administrator and haven’t the slightest idea what the error messages mean. The Malwarebytes “support” section of their website is useless; there is nothing on there about getting Premium restored. Can you tell me what the heck is going on and how can I get Malwarebytes Premium back on my laptop?
— Michelle Blanchard, Olympia
A: When you launch Malwarebytes it checks with the license server to validate your installation. It would seem that something has glitched there. So I’d reach out directly to Malwarebytes support, which I’ve found to be pretty responsive. I know you’ve looked at the Malwarebytes online support and it doesn’t answer your question, but if you access support from the Premium version that is working on your husband’s computer you’ll be able to submit a support ticket and you can explain your specific problem.