The Ransomware Bully
Ransomware is on the rise and the only protection is you.
We alerted you about the well-known CryptoWall and CryptoLocker a while back. The attacks seemed to die down for a little while, but now they’re back with a vengeance. PCs, Macs and some smartphones are at risk. This threat can hit anyone regardless of how often they check email or visit the web – business and home users.
a
Ransomware is a type of self-installing virus which can infect your computer or servers without your knowledge. Once installed, the ransomware connects with a remote computer, creates a very strong encryption key and immediately begins encrypting every file it finds on your computer – documents, photos, programs, etc. Once the ransomware has finished its encryption process, a pop-up message or web page alerts the user that all files have been encrypted, and the only way to free the files is to pay a ransom with a digital, untraceable payment. Sometimes paying the ransom works, sometimes it doesn’t. Ransoms can range from $250 to upwards of $1 million. Without the encryption key, all data is unrecoverable. While the FBI encourages you to report any occurrence, there’s not much the agency can do to help.
How do you protect your data?
Maintain a current off-site backup of your data. The backup being off-site is important. Certain ransomware can infect networked storage or even cloud-based storage, so it’s best to have your live data and the backup in different locations. If you have a current backup, usually your data can be restored without ever having to contact the hackers.
a
Ensure you have good antivirus software and update it regularly. Ransomware can infect computers in different ways such as launching through email attachments or through malicious code embedded on a website. Most antivirus software will block those entry points.
a
Make sure your programs and operating system are up-to-date. Many viruses exploit weaknesses in older computer programs and operating systems. We know updates can sometimes cause hiccups. However, the protection against potential data loss far outweighs the hiccup in most cases. If you are still running any Windows XP machines, take them out of service immediately.
a
All users should be aware of the potential threat. Discuss the topic at your weekly meetings, put a blurb in your company newsletter or forward this email to your users. Users should be cautious about opening attachments or clicking on links in emails. There’s usually something that doesn’t seem quite right in the emails – a misspelling, a wording issue, strange email recipients, invoices or purchase orders, etc. We’ve seen messages faked from the FBI, the US Treasury, UPS, FedEx, Microsoft, American Express, and many other normal every-day companies. Also make sure users don’t have unnecessary toolbars active in their browsers.
a
For businesses, there are several security devices which can be set up on your network to help thwart these attacks. Please contact us for more information.
What should I do if I think I have ransomware?
Your first contact should be to our office. We’ve seen it and dealt with it first-hand. It’s extremely frustrating to watch unfold. We can walk through the threat with you, advising you of the options and getting you back up and running as quickly as possible. We have the tools to remove the ransomware virus, but only the criminals have the tools to unlock the data. If a user is unsure about an email or a link, contact us and let us check it out first.
a
Please take necessary precautions. Let us schedule an on-site visit to assess any areas that may need better protection. We can ensure your backups are current, functional and can easily be restored. If you need direction with off-site backups, antivirus, updating your systems, controlling user privileges or any other IT issue, give us a call or send us an email.
a
We’re also available to visit your company meetings to discuss current threats and advise your staff of the best user practices for your environment.
a
Call us today at 803.779.5866 (Columbia) or 843.235.3525 (Pawleys Island), email us at helpdesk@blencowe.com or visit us online at blencowe.com.