Your Company Has Been Infected with Ransomware
For those who know what Ransomware is, it can literally make your heart stop. For those who don’t know what this means… just know you NEVER want to see it.
What is Ransomware?
Ransomware or Cryptovirus is a type of computer virus that encrypts or “locks up” your computer files using a passcode that only the attacker knows. In order to “unlock” your files you need to get this key in order to decrypt them.
The Ransomware Process.
Typically it goes like this: you get an email that looks like a shipping email or a banking email or some other service that you would normally get. The email says some benign message and then instructs you to “please see the attached file” for further info.
Now, this type of email, even if legitimate should immediately throw up at least the tiniest of red flags. Opening the attachment on an email that contains a virus will unleash the attacker’s payload. The virus will begin to run in the background while you continue working. Your computer will become slower and slower as it works to encrypt all of your computer’s files and if you are on a network it will then move on to any attached server connections and encrypt them too.
Time to pay the Ransom.
Once the files are all locked the final step in the process is to place a notice on your screen letting you know that all of your files are now gone and you will not be getting them back without paying for them. Some of the viruses have a timer to force you to move fast before they delete them forever.
Almost all ransomware viruses make you pay in cryptocurrency like Bitcoin or Monero.
The point of making the victim pay in cryptocurrency is so that it’s harder or impossible to track the attacker and so that they can get paid fast. The problem with this scenario for the victim is that — 1. Once the attacker is paid they don’t have to give you the key and — 2. Even in the rare chance that they do give you the key, they will just come back again because you are now known as a paying target.
How to protect yourself from Ransomware.
The first step in protecting yourself and your employees is education. Learning what virus messages look like and how they spread is key in the first step of prevention. Viruses can come from emails, websites, USB keys, and any other medium of data transfer. Teaching employees how to be aware of virus and malware signs is key in staying safe.
Don’t open any attachments unless you are expecting them. If you get an email that says your invoice is attached and you did not order something from the company that emailed you should be extremely suspicious. Conversely, if you get an email from a company that you regularly order from, like Amazon you may be more likely to open it.
Let’s say you just got a scary notice for a very large Amazon purchase, you may be quick to open the attachment in fear you were billed incorrectly. So instead of your Amazon account being hacked it was your PC that was hacked because they used your fear to get you to launch the virus willingly.
The second step in protecting yourself is Anti Virus Software. Having decent and up to date AV Software will greatly reduce the risk of becoming a victim. AV software will scan incoming email and watch web traffic to protect you from known harmful threats. In most cases it will block or quarantine threats as they try to compromise your system.
The third step in protecting yourself and you business is solid backups. Daily backups are mandatory if you ever have have a ransomware event. If you don’t have recent backup then your data will not be recoverable.
Data Backups.
When developing a data backup plan you have to decide what level of loss you can tolerate. Most people will say none, but that is the most expensive plan and can be a burden on workers due to the excessive traffic it creates. Up to the minute backups are often called continuous backups and come with hefty price tags. More affordable backup solutions are daily backups with incremental and then offsite backup solutions to protect even further in the event of fire, theft, or first backup failure.
How to get help after an attack or protect yourself from Ransomware.
If you have been infected with ransomware we can help mitigate the damage and and in some cases help recover some of the data. NEVER pay a ransom. It is very unlikely that you will get your data back.
Solnet Web and IT tools to help you stay protected.
- Endpoint protection
- AV tools
- Onsite Backups
- Offsite Backups
- Website Backups
- Database Backups
- Ransomware resistant architecture
- Perimeter Firewall protection
- Perform Vulnerability scans
- Use VPN