Select Page

Ransomware – An Emerging Threat

by | Jun 2, 2016 | Recommendations, Security

Ransomware

Summary

Ransomware presents an emerging threat that can severely disrupt your business and cause significant unplanned costs. It’s a computer virus that turns all your data files into gibberish, then demands payment to fix the mess.

It’s very important that you take steps to avoid becoming a ransomware victim. It’s equally important to also have the ability to recover quickly if an attack occurs.

If you want to jump to quick lesson on how to defend your business against ransomware, click here.

A Clear And Present Danger

If you see a message like this one on your screen you’re in for a really bad day.

It means you’ve been hit with a nightmarish computer virus called ransomware. The FBI warns that ransomware is on the rise, and anti-virus maker Trend Micro warns that ransomware is one of the biggest threats in 2016.

A ransomware attack can be both costly and disruptive. Recently a hospital in California made national news by paying the equivalent of NZ $25,000 to data kidnappers. Recovery and eradication can take days, seriously disrupting your business. If you’re not prepared you might even lose precious data permanently.

Here at Aerorock we’ve helped customers recover from ransomware attacks twice in the past 6 months. And we fully expect more cases to emerge. We’ve proactively taken steps to protect our customers from ransomware. We have both prevention and recovery plans in place.

What is Ransomware?

Ransomware is a computer virus that encrypts all the data files on your computer. In other words, it turns all your data into gibberish. Nothing works. You’re dead in the water. What’s worse, it not only affects the data files on your computer’s hard drive, but also encrypts all the shared data files that your computer can access. So, one infected computer can affect your entire office.

Once all your data is completely useless, this nasty bit of work demands payment to restore your files back to their original condition. Thus the name ransomware. Usually there’s a time limit, after which your files cannot be recovered. The ransom can vary from several hundred dollars to thousands of dollars.

Payment is made to an anonymous site via Bitcoin. It’s all set up so that you have no idea who you’re paying, and the payment is completely untraceable. So, you not only need to come up with the dosh, but you also have to go through the hassle of converting it into Bitcoins.

Once payment is made, the data kidnapper provides you with a digital key that unlocks your data files. Since you don’t know who you’re dealing with, there’s no recourse if a key is not provided. Also, there’s no guarantee that it won’t happen all over again.

How Ransomware Gets On Your Computer

The most likely source of infection is an email that appears from an individual or business you know, but is actually from a cyber criminal. The emails looks completely legitimate. But It tricks you into clicking on a link that installs the virus without your knowledge.

Another even more insidious approach is emerging. Sophisticated cyber criminals are increasingly using a technique called malvertising to distribute their sinister payloads.  They infect legitimate websites with the virus, and these websites in turn infect your computer when you visit them. In some cases the virus can be delivered through ads displayed on a website. The ad comes from a legitimate source, but has been hijacked and replaced with another one that looks identical but contains a hidden virus.

Is there hope to avoid this growing menace? Yes!

Ninja

How To Defend Against Ransomware

Our strategy involves two components: prevention and recovery. We provide these services to our customers as part of our total support plan, at no extra charge. It’s all part of what we do to keep your business running smoothly.

Prevention

The best defense against ransomware is to avoid it in the first place. Here’s what we do to protect our customers:

  • All the computers we manage have top quality anti-virus protection that we control and update continuously.
  • We keep these computers up to date with the latest security patches. We know these frequent updates are sometimes annoying, but we do it for very good reasons.
  • We encourage our customers to use cloud-based systems whenever it’s feasible. Online business system such as accounting and job management are largely immune from ransomware attacks.

It’s important to keep in mind that computer viruses can and do slip through even the best protection schemes. New threats are emerging at an alarming rate. You can get hit with a brand new ransomware virus that the antivirus is not yet protecting against. We’ve seen it happen.

Here’s what you need to do to avoid ransomware and other computer viruses:

  • Avoid email phishing by being careful about the links you click on. For more info see my article on phishing here.
  • Use a modern web browser that offers protection against phishing and malware. The best of the lot is Google Chrome. It tends to require more memory that Firefox, especially if you have lots of pages open at the same time, but it’s more secure.
  • Run ad blocking software on your web browser to protect yourself from malvertising. Although advertising revenue is essential for many websites, it can’t be done at the cost of your information security. We recommend using uBlock Origin.
  • Avoid suspicious websites, especially the ones that trigger a warning in your web browser. If in doubt, avoid it.

Recovery

If you get hit by a ransomware attack, it’s important not to pay the ransom. It only encourages the cyber criminals, and there’s no guarantee they’ll fix the mess they created.

Make sure your critical business data is properly backed up. We use multiple layers of backup – both on site as well as cloud-based. This means that no matter what happens, we can recover as quickly as possible with minimal disruption.

If you start seeing files mysteriously changing, or you find that some of your data files won’t open, don’t wait for the dreaded ransom note. Immediately disconnect all your computers from the network. Run a complete anti-virus scan on each one to remove the ransomware. Then restore the the affected files from backup. Only after you’ve taken all these step should you reconnect your computers to the network.

If you’re not confident with your technical skills, you might want to get an IT professional to assist. But I can’t stress enough that having good backups are essential for a smooth recovery.

Contact Us For More Information

If you have any questions about ransomware, or any other computer-related issue, you’re welcome to contact us at the number below. We’re happy to assist.