The recent dangerous WannaCry ransomeware attack should be a wake-up call to all computer users to keep their machines updated. While this malware does not affect Macs, that may not be true of future attacks. Keeping the operating system up-to-date would have protected victims of WannaCry. Please keep your Mac OS and apps updated, don't download software from sites you don't trust, and keep a good backup.
Comments: 23 Responses to “Protecting Your Mac Against Ransomware”
Mac Carter
8 years ago
Good video, Gary. It's worth noting that at least one malware expert has mentioned that backup hard drives may be just as vulnerable as your computer hard drive IF the backup is connected. This "expert" recommend disconnecting your backup drive after each backup. That is something I find disturbing and hugely inconvenient... I run all of my backups automatically at 1am in wee hours.
Mac: I agree with you. I think it is dangerous to tell people to disconnect their backups because they will forget to reconnect them and end up backing up far less than what they should. But Windows users are used to "occasional" backups whereas Mac users have been doing hourly backups for years now. So it is possible that his advice applies more to Windows users than us.
What you can do is to have two backups (Time Machine allows you to do this easily) and saw them out daily or weekly. Or, do a second backup with another method (a clone). Or, do an online backup as well as a Time Machine one (this is what I do).
John Erskine
8 years ago
Re the backup mentioned; is it sufficient to have your data backed up in the iCloud? or should you use an external HD? I'm kind of new to MAC, but have an iPhone and an iPad, so shifted to a MAC to be consistent. Thanks!
John: There is no method to do a true backup to iCloud. iCloud is a cloud data service, which is different than a backup. I would 100% advise you to at least have a Time Machine backup going.
MissDori
8 years ago
Apple support told me, if I get one of the screens telling me my Mac has been held for ransom, to simply turn the computer off by pressing the on/off switch. Don't touch any keys, just turn it off. What are your thoughts on that, Gary?
MissDori: Hard to tell what Apple support is responding to. It is true that sometimes fake ads or simple adware will tell you that you have ransomware, but in fact you don't. It is a fake-out, just hoping you will panic and pay even though your data is fine. It is much easier for them to do this than to actually make ransonware, of course.
Ken Kenton
8 years ago
Gary, what's an "online backup"? All my files are in Dropbox. Does that qualify as an online backup?
Ken: An online backup will automatically (in the background) back up all of your files to a server. Examples are CrashPlan and BackBlaze. DropBox is a cloud service where your files are stored on a server and mirrored accessed on demand, usually with a cache so it is faster. If ransomware got a hold of your system, it would encrypt the files and then those encrypted files would be automatically synced with the cloud service, so it would not help in that situation. With a backup, you should be able to roll the clock back to before the problem.
nick
8 years ago
Gary
I updated the Mac OS as soon as it became available, however there were a number of bugs that caused significant issues. I posted this in the support community but no luck. I eventually used Time Machine to restore the previous version, which works great. So in absence of any kind of acknowledgement from Apple on this, I chose not to update, which I don't like to do for the reasons you've described.
nick: What bugs did you come across that were so bad that you felt you needed to go back a whole version of macOS? Seems pretty extreme to me. Been using Sierra on all my machines with no problem since day one. (Don't reply here with specifics, since it would be getting off-topic, but instead maybe ask in the MacMost Q&A Forum).
UtahCornell
8 years ago
Regarding OS updates: I have a Macbook Pro (mid-2009). I have added memory 2 yrs ago, but if I update to Maverick or anything later, things become ridiculously slow & problematic. Hence I'm stuck at OS 10.8.5. This is a perfectly good machine, and I object to having to update to the latest OS which is not truly backward-compatible. Please keep in mind everyone doesn't always buy the latest Bright Shiny Mac Object. I do keep regular TimeMachine backups & have an anti-virus. And I upgrade the apps
Glenn
8 years ago
Don't think, Gary, that Mac was not hit by ransomware so far. The OS X version of Transmission, a BitTorrent program, fell victim to this.
Glenn: That was a near miss. Hackers got into one version update of the app. Apple revoked the certificate and the developer updated again fast enough to prevent it. But that does show why we need to take precautions.
Peterina
8 years ago
I'm new too. How do you get "time Machiy"for backups ou are talking about? Do you buy it through internet? Is it a hardware you buy from the computer store?
Hi Gary. I have not installed Sierra as my favourite game, Call of Duty, is apparently not compatible. I currently have El Capitan 10.11.6.
If I choose to stay with this OS will I still get updates to avoid possible Malware attacks
BTW Love you videos!!! Helpful as I teach oldies how to use Apple products (over 80 people ..one on one...5 a week)
Bert: Sierra has been out since September 2016 (and in beta for months before that) and that game still doesn't support it? Are you sure? I see several of those games in the Mac App Store an no mention of them not working in Sierra.
Anyway, Apple still produced security updates for El Capitan. They did so just this week in fact. Eventually they will stop, of course, but for now you should be OK.
SUSAN MCMILLEN
8 years ago
You said "With a backup (time capsule/timemachine, you should be able to roll the clock back to before the problem." I have wireless backup to my time capsule, but if infected wouldn't it lock me out of my back up as well?
Susan: Possibly. It all would depend on the capabilities of the ransomware. It could leave the Time Machine backup alone, or it could encrypt that too. It would not be easy for ransomware to do both, but as we are talking about theoretical ransomware, we can speculate either way. But that is why having an off-site backup or a second backup like I mention could help -- it is all theoretical. I use my Mac for work, so I have a ton of stuff to protect. But a home user may only have a small folder of things and an occasional copy of the Documents folder to a USB stick could be all that is needed to turn a ransomware disaster into a shrug of the shoulders and a clean-and-reinstall situation.
SUSAN MCMILLEN
8 years ago
Thanks, I do have all of my photos and critical docs on a hard drive not connected all of the time. I just have reminders on my calendar to back up. I intend to use my old time capsule as another full back up once I get my new Airport capsule up and running.
Dbob5678
7 years ago
Hi UtahCornell, suggest you check out replacing your old hard drive with
a SSD. You can check with crucial.com to see what they offer for your specific model. There are other providers too. Just have Best Buy or another tech firm install it for you, if needed.
I had a SSD installed in my previous MBP, an early 2011, with outstanding results.
Boot time was reduced from 2 + minutes to 20 seconds. All other functions speeded up too. It runs Sierra without problems.
Good video, Gary. It's worth noting that at least one malware expert has mentioned that backup hard drives may be just as vulnerable as your computer hard drive IF the backup is connected. This "expert" recommend disconnecting your backup drive after each backup. That is something I find disturbing and hugely inconvenient... I run all of my backups automatically at 1am in wee hours.
Mac: I agree with you. I think it is dangerous to tell people to disconnect their backups because they will forget to reconnect them and end up backing up far less than what they should. But Windows users are used to "occasional" backups whereas Mac users have been doing hourly backups for years now. So it is possible that his advice applies more to Windows users than us.
What you can do is to have two backups (Time Machine allows you to do this easily) and saw them out daily or weekly. Or, do a second backup with another method (a clone). Or, do an online backup as well as a Time Machine one (this is what I do).
Re the backup mentioned; is it sufficient to have your data backed up in the iCloud? or should you use an external HD? I'm kind of new to MAC, but have an iPhone and an iPad, so shifted to a MAC to be consistent. Thanks!
John: There is no method to do a true backup to iCloud. iCloud is a cloud data service, which is different than a backup. I would 100% advise you to at least have a Time Machine backup going.
Apple support told me, if I get one of the screens telling me my Mac has been held for ransom, to simply turn the computer off by pressing the on/off switch. Don't touch any keys, just turn it off. What are your thoughts on that, Gary?
MissDori: Hard to tell what Apple support is responding to. It is true that sometimes fake ads or simple adware will tell you that you have ransomware, but in fact you don't. It is a fake-out, just hoping you will panic and pay even though your data is fine. It is much easier for them to do this than to actually make ransonware, of course.
Gary, what's an "online backup"? All my files are in Dropbox. Does that qualify as an online backup?
Ken: An online backup will automatically (in the background) back up all of your files to a server. Examples are CrashPlan and BackBlaze. DropBox is a cloud service where your files are stored on a server and mirrored accessed on demand, usually with a cache so it is faster. If ransomware got a hold of your system, it would encrypt the files and then those encrypted files would be automatically synced with the cloud service, so it would not help in that situation. With a backup, you should be able to roll the clock back to before the problem.
Gary
I updated the Mac OS as soon as it became available, however there were a number of bugs that caused significant issues. I posted this in the support community but no luck. I eventually used Time Machine to restore the previous version, which works great. So in absence of any kind of acknowledgement from Apple on this, I chose not to update, which I don't like to do for the reasons you've described.
nick: What bugs did you come across that were so bad that you felt you needed to go back a whole version of macOS? Seems pretty extreme to me. Been using Sierra on all my machines with no problem since day one. (Don't reply here with specifics, since it would be getting off-topic, but instead maybe ask in the MacMost Q&A Forum).
Regarding OS updates: I have a Macbook Pro (mid-2009). I have added memory 2 yrs ago, but if I update to Maverick or anything later, things become ridiculously slow & problematic. Hence I'm stuck at OS 10.8.5. This is a perfectly good machine, and I object to having to update to the latest OS which is not truly backward-compatible. Please keep in mind everyone doesn't always buy the latest Bright Shiny Mac Object. I do keep regular TimeMachine backups & have an anti-virus. And I upgrade the apps
Don't think, Gary, that Mac was not hit by ransomware so far. The OS X version of Transmission, a BitTorrent program, fell victim to this.
Glenn: That was a near miss. Hackers got into one version update of the app. Apple revoked the certificate and the developer updated again fast enough to prevent it. But that does show why we need to take precautions.
I'm new too. How do you get "time Machiy"for backups ou are talking about? Do you buy it through internet? Is it a hardware you buy from the computer store?
Thanks for all your help!
Peterina: Time Machine is part of macOS and is already on your Mac. See http://macmost.com/backing-up-your-mac-with-time-machine.html
I know were asked to keep with the topic, but you deserve, hats off, lots of appreciation for your videos and teachings, and thousands of thanks!!!!!
Peterina; Thanks!
Hi Gary. I have not installed Sierra as my favourite game, Call of Duty, is apparently not compatible. I currently have El Capitan 10.11.6.
If I choose to stay with this OS will I still get updates to avoid possible Malware attacks
BTW Love you videos!!! Helpful as I teach oldies how to use Apple products (over 80 people ..one on one...5 a week)
Bert: Sierra has been out since September 2016 (and in beta for months before that) and that game still doesn't support it? Are you sure? I see several of those games in the Mac App Store an no mention of them not working in Sierra.
Anyway, Apple still produced security updates for El Capitan. They did so just this week in fact. Eventually they will stop, of course, but for now you should be OK.
You said "With a backup (time capsule/timemachine, you should be able to roll the clock back to before the problem." I have wireless backup to my time capsule, but if infected wouldn't it lock me out of my back up as well?
Susan: Possibly. It all would depend on the capabilities of the ransomware. It could leave the Time Machine backup alone, or it could encrypt that too. It would not be easy for ransomware to do both, but as we are talking about theoretical ransomware, we can speculate either way. But that is why having an off-site backup or a second backup like I mention could help -- it is all theoretical. I use my Mac for work, so I have a ton of stuff to protect. But a home user may only have a small folder of things and an occasional copy of the Documents folder to a USB stick could be all that is needed to turn a ransomware disaster into a shrug of the shoulders and a clean-and-reinstall situation.
Thanks, I do have all of my photos and critical docs on a hard drive not connected all of the time. I just have reminders on my calendar to back up. I intend to use my old time capsule as another full back up once I get my new Airport capsule up and running.
Hi UtahCornell, suggest you check out replacing your old hard drive with
a SSD. You can check with crucial.com to see what they offer for your specific model. There are other providers too. Just have Best Buy or another tech firm install it for you, if needed.
I had a SSD installed in my previous MBP, an early 2011, with outstanding results.
Boot time was reduced from 2 + minutes to 20 seconds. All other functions speeded up too. It runs Sierra without problems.