Ransomware (ran·som·ware): a type of malicious software designed to block access to a computer system until a sum of money is paid.
In the last several years, ransomware has become a big and costly problem for consumers and businesses, and there is currently no end in sight.
I am sure many of you have heard about the recent cyberattacks that targeted SolarWinds in December 2020 and the most recent one against the Colonial Pipeline by Darkside, in which Colonial Pipeline paid the hackers nearly $5 million in untraceable cryptocurrency.
A few years ago, Hollywood Presbyterian Medical Center was hit with ransomware on February 5, 2016, and 10 days later they paid a $17,000 ransom in bitcoin to get control of their computer system back from the hacker who seized it.
These individuals or groups have one goal, and that is to infect as many consumers and businesses as possible to increase their odds of getting paid. The ransom can range anywhere from a few hundred dollars to thousands of dollars, and the payment is usually in bitcoin or some untraceable payment method, such as MoneyPak.
Types of Ransomware and Variants
There are two main types of ransomware:
- Crypto ransomware — encrypts data and files on a computer so the user cannot access them;
- Locker ransomware — locks the users out of their devices, preventing their use.
There are also many different variants of ransomware, including:
- Bad Rabbit
- …to name just a few.
These ransomware variants are spread primarily through e-mail attachments, infected programs and applications, malicious websites, and security vulnerabilities.
What Does Ransomware Do?
The virus starts its process by encrypting all of the files on your computer or workstation, and then it moves across the network to the other workstations, servers, and connected drives on your network. In some cases, a user will not be able to open some or all files and will then receive an email or message containing a ransom note that demands money in exchange for the key or code to decrypt the files.
Once the files are encrypted there is no way for you to access them unless you have the key to decrypt the files, and the only way to get that is to pay the ransom. Experts in the industry recommend that you DO NOT pay the ransom if it can be avoided because there is no way to guarantee that the hacker will give you the unlock code or that there isn’t something on your machine that will allow them to extort money from you again.
Hopefully, you are already in the habit of making regular backups of your data, with a copy stored offsite or in the cloud, because if your backup is stored locally on an external drive, for example, it is most likely also encrypted, which means it’s useless.
Your best defense is going to be implementing a disaster recovery plan that includes regular backups that are stored offsite. There are multiple options for storing your backups offsite or in the cloud. One option is to use one of the online backup services like IDrive, Acronis True Image, Carbonite, or Backblaze Online Backup, just to name a few, or create a custom disaster recovery plan.
If you decide to go the custom route, I suggest contacting your IT professional or Circle Management Group to help design and implement your disaster recovery plan.
Remember to make sure that your server and workstation software and operating systems are updated with the latest patches, and if a computer does get infected, immediately disconnect it from the network so it does not encrypt the data on any other devices on your network.
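The warning above that a locally attached backup is usually encrypted along with the originals can be checked before you rely on a restore. The following Python is an added example, not part of the original article: it records a SHA-256 manifest of a known-good backup, then verifies a backup copy against it, flagging changed files whose contents look encrypted. The function names, the 7.5 bits-per-byte entropy cutoff and the 50% alarm ratio are assumptions chosen for illustration.

```python
import hashlib
import math
from collections import Counter
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash a file in 1 MiB chunks so large backups do not fill memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def entropy_bits_per_byte(data: bytes) -> float:
    """Shannon entropy; encrypted (and compressed) data sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def build_manifest(root: Path) -> dict:
    """Map each file's relative path to its SHA-256. Store the result offsite."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_backup(root: Path, manifest: dict, alarm_ratio: float = 0.5) -> dict:
    """Compare a backup copy with the manifest taken when it was known good."""
    missing, changed, high_entropy = [], [], []
    for rel, digest in manifest.items():
        p = root / rel
        if not p.is_file():
            missing.append(rel)  # files renamed with a new extension land here
        elif sha256_file(p) != digest:
            changed.append(rel)
            with p.open("rb") as f:
                # Assumed cutoff: above 7.5 bits/byte the content looks encrypted
                if entropy_bits_per_byte(f.read(65536)) > 7.5:
                    high_entropy.append(rel)
    damaged = len(missing) + len(changed)
    return {"missing": missing, "changed": changed, "high_entropy": high_entropy,
            "restorable": damaged == 0,
            # Assumed threshold: half the backup set altered at once is not normal use
            "alarm": bool(manifest) and damaged / len(manifest) >= alarm_ratio}
```

Run `build_manifest` right after a backup completes and keep its output with the offsite copy. Because compressed archives are also high-entropy, treat `high_entropy` as a hint and `alarm` as the signal to stop and investigate before restoring.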
5 Ways to Help Protect Yourself from Ransomware
- Never open suspicious email attachments or click on suspicious links in emails
- Always make regular backups of your data and store a copy offsite
- Always patch and update your hardware, software, and operating system
- Install a reputable anti-virus/anti-malware and spyware security suite
- Install a software and/or hardware firewall
You don’t need to go it alone — Circle Management can help! Tap or click to call (336) 841-2187 today.