Stop what you’re doing right now, and go ensure that you have a working backup and recovery process in place for your important files. Make sure that both backing up the files and restoring the files work! It’s useless to take backups if you can’t restore them. Now, if you’re a Windows user, go and ensure that you have working anti-virus and anti-spyware software in place, and that they are up to date.
If you need software for one of these purposes, see below; I’ve included a few links.
Now, on to today’s story. An unknown person has created a Windows “ransom-ware” trojan which, if you’re unfortunate enough to be infected, will encrypt all your files and demand you pay $200 to get your data back.
This little gem was spread through malicious Web sites to users’ computers running vulnerable copies of Internet Explorer.
Bruce Schneier has posted an analysis of how such an extortion scheme might work, and it’s quite an interesting read.
I’m here today to tell you what you can do to stop this sort of thing before it starts, and how to protect your data and avoid paying any ransom money to data criminals.
First and foremost, strongly consider whether you should be using Windows in the first place. If your activities on the computer are simply browsing the Web, reading email, sending instant messages, etc., and you don’t play many games (or, like me, you prefer a game console), then you may benefit from Linux.
If for whatever reason you must continue using Windows, take the following steps:
First, ensure that your computer stays up to date with the latest available security fixes. Run Windows Update regularly, and turn on Automatic Updates if it’s included with your version of Windows.
Second, stop using Internet Explorer and Outlook Express. Virtually all malicious software enters your computer through one of these two programs. Replace Internet Explorer with another browser such as Firefox (free) or Opera ($39; free trial available). Then replace Outlook Express with Thunderbird (free) or Eudora ($50; free trial available). If you are using Windows XP, remember to disable access to Internet Explorer and Outlook Express once you’ve switched, to prevent any accidental use of these two dangerous programs.
Next, install anti-virus and anti-spyware software. Consider Norton AntiVirus 2005 – Single User ($25 after rebate) for simple anti-virus protection; for complete coverage, Norton Internet Security 2005 AntiSpyware Edition ($45 after rebate) provides anti-virus, anti-spyware, firewall, parental controls and privacy protection in a single package. There are many other packages out there, so it’s a good idea to search and evaluate them first.
Finally, and most importantly, backups. If your files are important to you, you should be making backups on a regular basis. If you can’t live without your files, or if you would lose lots of money without them, then backups are especially critical. Your CD/DVD burner may or may not have come with backup software. The important part is: it doesn’t matter if you can back up the files if you can’t also restore them! When evaluating backup software, be sure to test restoration and ensure that the backups are usable. Roxio Easy Media Creator 7.5 [10th Anniversary Edition] ($80), which also does a lot more than simple backups, AlohaBob PC Backup ($45), FarStone Protect and Restore Suite ($60) and many other programs are available.
Whatever you ultimately choose to protect your system and your data, it’s important that you actually do something. Otherwise you may wake up one day to find your computer has turned into a slot machine, and getting your data back is one big gamble. If you know of other useful software, leave a comment, and if you’d like to write a review and have it posted here, contact me to make arrangements.
kyte
May 31, 2005
Glad to see someone else banging on about these issues.
I personally would NEVER recommend anything Symantec, for two reasons: a) it doesn’t play nice with all other software… mysterious conflicts and failures can often be fixed by uninstalling Symantec software and b) the word “bloatware” always springs to mind. I remember what they did with WRQ’s @Guard which was 1.3mb before the purchase and 15mb within a couple of months after, with no significant changes except to the interface which had become, for those of us who wanted to control our firewalls, totally unusable.
My recommendations for stitching up against the psychopaths almost always involve: Spybot Search and Destroy, Javacool Software’s Spywareguard and Spywareblaster, Diamondcs’s TDS3 and Wormguard, and a firewall of your choosing. I used to like Kerio PF after @guard went down the tubes, but it’s changed a lot and I am no longer a Windows user. For Antivirus: AVG7 is just fine, in spite of commercial claims to the contrary.
I haven’t included links, too many: Google will see you right.
kyte
May 31, 2005
addit: for email you cannot go past beckymail (http://www.rimarts.co.jp) : AFIAC it beats the hell out of most other offerings.