Manifesto

Most therapists see a therapist.

The Seattle Seahawks have almost as many coaches as players.

And even the most seasoned climber doesn’t summit Everest without a Sherpa.

You know why?

Because having a guide helps.

If you don’t know the way, a guide is indispensable.

But even if you’re an expert or well on your way, a guide can offer assurance, show you a few shortcuts and make sure you don’t stray off course.

We are guides.

And we help people navigate something far more compelling than a trail or path or investment opportunities and the market.

We don’t start a relationship by offering hot stock tips and patent-pending investment strategies.

We sit down and get to know our clients.

Where are they in their lives?

What makes them happy and fulfilled?

What do they want from their future?

Once we know where they are and where they want to go, we can set out on a journey to get there together.

And hey, if we decide we want to change where we’re going or take a different route, that’s okay too.

We’re expert guides, so we can help even the most sophisticated investor, but we pride ourselves on making the complicated easy to understand for everyone.

So we don’t put our arms around a client’s portfolio and drag it over to our side of the table and tell them we’ll take it from here.

We work with our clients to make sure they understand and are invested in the decisions we make.

We don’t sell our clients products; we help them make choices.

About the kind of life they want to live.

About when and how they want to retire.

And what kind of legacy they want to leave behind for their families, their communities, and the world.

We are Summit.

And we know it’s a bit cheesy, but darn it, we believe this to be true.

We guide our clients towards their dreams.

 

To Pay or Not to Pay: How to Survive a Ransomware Attack

Presented by Edward W. Grogan, IV

Imagine this: You open an e-mail that seems to come from Google, prompting you to click a link to reset your password. But when you click, a mysterious .exe file downloads and launches. Slowly, all the files on your desktop turn into white paper icons, and the names of all your files turn into scrambled nonsense.

What is happening here? Unfortunately, you’ve probably fallen victim to a ransomware attack.

The threat defined
Ransomware, as defined by Trend Micro, is “a type of malware that prevents or limits users from accessing their system . . . unless a ransom is paid.” Although the term may be new to you, ransomware attacks happen every day. In fact, according to Kaspersky Lab’s Securelist, 2.3 million Internet users encountered ransomware between April 2015 and March 2016, and Armada Cloud reports that the volume of attacks grew by 13 percent between August and October 2016.

In the event that a ransomware attack happens to you, it’s likely that something much like the scenario mentioned above will unfold. Here’s an example of what you might see on your computer screen:

Now what?
So, do you pay the ransom or simply wait for the countdown to end? Before deciding, you might try searching online for a free tool that can decrypt your files. But keep in mind that the chances of success are extremely slim. Even if a solution to a previous type of ransomware is available, attackers learn from their mistakes and have likely used a more advanced form of the scheme on you.

You might also consider calling law enforcement. Unfortunately, there’s very little that the FBI, for example, can do to resolve an individual ransomware incident. But reporting the crime can help put it on the authorities’ radar, so they can work on a solution for future cases.

Most of the time, it all comes down to two choices: either you pay the ransomware fee or you don’t.

You pay. One bitcoin equals $778 (at the time of this writing), so paying the ransom may be worth it to you, depending on what those files contain. You hit the Next button and follow the instructions to pay your attacker. What happens now?

  • Outcome 1: You get your files back. Time to celebrate? Not so fast. From the cyber criminal’s perspective, he or she just found a paying customer. Now you’re a prime target for another ransomware attack.
  • Outcome 2: You don’t get your files back. Remember: you have no leverage. No one is forcing the criminals to hold up their end of the deal. Even if the attackers are “honorable,” you can never be sure that the ransomware will keep your files intact.

You don’t pay. Maybe you think the attacker is bluffing. (Hint: If you can’t access your files, the attacker isn’t bluffing.) Or maybe you’ve decided that the price tag for your data is too high.

  • Outcome 1: You’re granted a time extension . . . and a price change. Some attackers penalize you for waiting up to their deadline and then not paying. They give you a second chance but increase the ransom. Others realize that you won’t take the bait, so they cut you a deal in an attempt to take what they can get. If so, you’ll be back to deciding between paying and not paying.
  • Outcome 2: You don’t get your files back. On the bright side, you didn’t contribute to one of the worst cyber threats we’re facing today. Plus, those attackers won’t see you as a receptive victim and may leave you alone in the future.

The best strategy: be prepared!
In the end, it’s your decision. It all depends on how much you think your data is worth, as well as how much you trust that the attackers will stick to their end of the bargain. To give you some insight into the choices others are making, a recent Symantec report found that only 3 percent of victims pay the ransom.

Fortunately, there are three relatively simple precautions you can take to prevent such a costly scenario.

1) Back up your data regularly. Let’s say that you back up your files every Sunday night. If you receive a ransomware threat on—worst-case scenario—a Sunday afternoon, you’ll lose only a week’s worth of data. If you would like to start backing up your files, you’ll have to take the time to devise your own schedule and method. When establishing a backup plan, remember to keep these two things in mind:

  • Regularly test your backups. You’d be surprised how many people wait until an attack or hard drive failure before they restore a backup for the first time, only to find that it doesn’t work!
  • Store your backups separately from your computer. If backup media is connected to your system during an attack, your backup data could be targeted as well.

2) Be wary of phishing. Approximately 91 percent of cyber attacks start as phishing scams, according to Wired. When checking e-mail, remember to:

  • Hover over all links to verify that they’re safe
  • Avoid clicking links whenever possible by typing URLs directly into your browser
  • Delete any suspicious e-mails

3) Update your systems ASAP. Attackers know the vulnerabilities of yesterday’s technology. The longer you avoid regular updates, the more time attackers have to exploit those vulnerabilities.

Most of us haven’t experienced ransomware, but as the number of attacks increases, so does the probability of becoming a victim. If the day comes when it does happen to you, will you have a plan for handling the situation?

View the original Commonwealth Financial Network article here.