If you’re an Apple user, you have luckily been able to benefit from the high security that Apple uses to keep you and your data safe from external threats. Unfortunately, it seems that as Apple’s popularity continues to increase, so does the attention from cyber criminals.
A new ransomware came out last month dubbed “KeRanger”. It was the first successful ransomware to target Apple users and may not be the only threat from which you have to protect yourself.
It actually may be far worse. An Apple user recently found herself in quite the predicament. A hacker locked her out of her Mac completely and held it for ransom. Usually, ransomware will lock you out of certain files and documents, but to be completely locked out of your device goes to a new level of intimidation. Your device could be rendered completely useless.
With this new ransomware coming to the surface, you aren’t even able to do a reinstall from scratch unless Apple unlocks the device for you. Apple will sometimes allow you to do this, but not in all cases. Because of Apple’s strict policies against theft, you are out of luck if you cannot provide a proof of purchase.
The surprising thing is that the hacker used the “Find My Mac” feature to completely lock the victim’s Mac. This is a feature that is supposed to protect your device, but this hacker used it to destroy.
The victim’s own iCloud account was used to relay this ransom message on her screen: “Contact me: hblackhat(at)mail.ru All your conversation sms+mail, bank, computer files, contacts, photos. I will public + send to your contacts.”
The hacker also included that if the hacker did not receive a response within 24 hours, her information would be published.
By having access to your iCloud account, a cybercriminal could have the ability to completely erase all of the devices connected. It’s crucial for you to protect yourself and your business. Having to buy completely new devices and to recreate the work that you have lost can be costly.
How to protect yourself:
- Use long and complicated passwords – Use random passwords (check out tools like LastPass to keep track of them), and never use the same password for different sites and accounts.
- Backups, Backups, Backups – Keep on-site and off-site backups of your data. It may not protect you against data disclosure, but many forms of ransomware encrypt your data, and you don’t have to pay to get it back if you have good backups.
- Use reputable security systems – Use antivirus, anti-malware, and properly configured firewalls. Always enable automatic updates to protect you from the latest threats.
You should also use 2-factor authentication on your iCloud account, email accounts, and other critical systems to protect your data as much as possible. It may seem inconvenient, but it’s the single biggest thing that you can do to protect your most critical data from being hacked!