Or maybe your company's accounts receivable files or your hospital's patient records. The particular ransomware making headlines is called Wanna Cry, and it's infected some pretty serious organizations. Your first line of defense is to diligently install every security update as soon as it becomes available, and to migrate to systems that vendors still support.Microsoft issued a security patch that protects against Wanna Cry months before the ransomware started infecting systems; it only works against computers that haven't been patched.Criminals go where the money is, and cybercriminals are no exception. The scammers can't charge too much, because they want the victim to pay rather than give up on the data. Computers are infected automatically, with viruses that spread over the internet. Encrypt the victim's hard drive, then extract a fee to decrypt it.Antivirus software can often catch your mistake and prevent the malicious software from running.
Though it'd probably have a different one from software vendors as they usually pick a significant string from the disassembly (not that I ever released mine) I think the /security/ model for your typical desktop should be different; it's not been adopted yet. First, virtualize everything - app level is fine (see: sandboxie).But it'll be yet another security surcharge you'll be expected to pay because the computers and internet-of-things devices you buy are so insecure.Because there are currently no liabilities for lousy software and no regulations mandating secure software, the market rewards software that's fast and cheap at the expense of good.Your third line of defense is to diligently back up your files. If your irreplaceable family photos are in a backup drive in your house, then the ransomware has that much less hold on you.There are systems that do this automatically for your hard drive. If your e-mail and documents are in the cloud, then you can just reinstall the operating system and bypass the ransomware entirely.