Macs are the latest victims of ransomware

According to Veeam, the number of ransomware attacks has jumped 6000% since 2015-16. There is an interesting correlation between the increase in ransom attacks and the increase in the value of bitcoins!

Bitcoin value in NZ dollars. Source: Google Finance

 

Now we hear that Macs are being locked and held to ransom. MacRumors.com has reported that the bad guys are getting hold of iCloud logins and then using the Find My iPhone app to lock Macs and demand a ransom.

Screenshot from MacRumors.com

 

Access to iCloud accounts is being gained because many people use the same login (an email address) and password on multiple sites. Hackers entice the user into creating a new account somewhere, then take those credentials and try them against other sites like iCloud, Dropbox, Xbox, etc.

The Find My iPhone application is being used because it does not force two-factor authentication (2FA). Two-factor authentication often uses a text message as the second form of authentication. The application lets you lock out any Apple device and assumes that you may be locking a lost phone. If you have lost your phone, then a text authentication message would fail.

How can you protect yourself? 

Don’t use the same password everywhere. I know it’s difficult to have a different password for everything, so one simple action is to have a number of different passwords: one you use for highly secure items, another for second-tier things that don’t include money or important data, and a third for all those random sites you need access to. It’s far from foolproof, but it’s better than just one password.