Originally written by Bill Ayres, Circle Management Group
ran·som·ware: a type of malicious software designed to block access to a computer system until a sum of money is paid.
In the last few years, ransomware has become a big and costly problem for consumers and businesses and there is currently no end in sight.
I’m sure many of you have heard about the Hollywood Presbyterian Medical Center that was hit with ransomware on Feb 5th, 2016 and 10 days later paid a $17,000 ransom in bitcoin to get control of their computer system from the hacker who seized it. More recently, in 2018, major rideshare company Uber was in the news for covering up a massive data breach that ultimately cost them over $140 million. Hackers have one goal and that’s to infect as many consumers and businesses as possible in order to increase their odds of getting paid. The ransom can range anywhere from a few hundred dollars to thousands of dollars and the payment is usually in bitcoins or some untraceable payment method like MoneyPak.
Ransomware comes in many different variants including, to name a few: CryptoLocker, CrypterBit, and Locky, and is usually spread through e-mail attachments, infected programs/applications and websites. The virus starts its process by encrypting the files on your workstation and then it moves across the network to the other workstations, servers, and connected drives on your network. In some cases, a user will not be able to open some or all files and then they will receive an email or a message that is a ransom note demanding money in exchange for the key or code to decrypt the files. Once the files are encrypted there is really no way for you to access them unless you have the key to decrypt the files and the only way to get that is to pay the ransom. Experts i the industry recommend that you DO NOT pay the ransom if it can be avoided because there’s no way to guarantee that the hacker will give you the unlock code or that there isn’t something on your machine that will allow then to extort money from you again.
Hopefully, you are making regular backups of your data and a copy of it is kept offsite on a separate hard drive or in the cloud because if it’s only kept locally on a hard drive then it’s most likely encrypted and will be deemed useless. Your best defense is going to be implementing a disaster recovery plan that includes regular backups that are stored offsite. There are multiple options for storing your backups offsite or in the cloud:
- One option is to use one of the online backup services like IDrive, Carbonite, Crashplan or SOS Online Backup just to name a few or create a custom disaster recovery plan.
- If you decide to go the custom route, I suggest contacting your IT professional or Circle Management Group to help design and implement your disaster recovery plan.
- Make sure that your server, workstation software, and operating systems are updated with the latest patches. If a computer does get infected immediately disconnect if from the network so it doesn’t encrypt the data on any other devices on your network.
How do you protect yourself from ransomware? Below are some suggestions to help protect you.
- Regular backups of your data including a copy offsite, stored in a cloud or separate hard drive
- Patch and update your software and Operating System
- Install a reputable anti-virus, anti-malware and spyware security suite
- Don’t open suspicious email attachments or click on suspicious links in emails
If you are afraid that your virtual environment has been affected by ransomware or you just want to get ahead of things by scheduling a cyber security check-up, contact Circle Management Group at firstname.lastname@example.org today.