Paying Off Ransomware Is a False Savings

It started with personal computers and then morphed to attack business data. The “it” is ransomware, and it is the latest way that black hat hackers have caused concern for individuals and businesses alike.

Ransomware is when an outsider gains control of your computer from an email you opened or a file you downloaded. The hacker criminal gains control of your computer and locks you out. He or she now has complete control of your computer and offers to unlock it for a fee. In legal terms, the criminal is extorting you for money in exchange for data that is already yours. Ransomware has proven to be very lucrative for hackers; the very existence of ransomware on a computer instills panic and fear into the victims in that the hackers have control of your data. If your system is infected with ransomware, messages you see may include:

• “Your computer has been infected with a virus. Click here to resolve the issue.”
• “Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine.”
• “All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data.”

Yet, paying the ransom offers no guarantee that the hacker will release your files. Protecting against ransomware isn’t hard, yet most businesses pay the ransom without protecting themselves from another attack.

Steps to Take to Decrease Vulnerability to Ransomware

1. Backup — You may already back up your data to the cloud where it remains secure. But, if your computer is locked, migrating the data from an online source back to your computer system can be a convoluted process. So, in addition to your cloud backup and the backup to your hard drive, make a third backup that you store offsite. You only need to incrementally add to your offsite backup to keep it current. Automatic software available is available that marks files for backup as you create them.
2. Don’t open that! — The same people who kidnap your data are hackers who use phishing techniques. Usually, they spam you with email in the hopes you will open an infected file or download. If you don’t know the sender of an email, or if the email looks suspicious to you, DO NOT OPEN IT. This is the most effective and cheapest way to protect yourself and your company from ransomware.
3. Educate users — Chris Doggett, senior vice president at Carbonite, which provides cloud backup services for individuals and small & medium businesses, said: “I see far too many people who don’t know the security 101 basics or simply don’t choose to follow them. So the IT department or security folks have a very significant role to play [to educate users].”
4. Patch when received — This sounds simple, but in reality, company policies and protocols may delay security and maintenance patches from being applied in a timely manner. Have your IT department review patch protocols and policies and recommend changes if they are in the way of applying them within 24 hours of receipt. Additionally, make sure you are running the latest versions of all your software and keeping it updated.
5. Pull the plugs at the first sign of ransomware — If one part of your system is infected with ransomware, isolate it from the rest of your system. You want to do more than disconnect from the corporate network; you should disconnect your Wi-Fi and Bluetooth on all machines to prevent the infection from spreading.

You will have little, if any, expense in protecting your data from being victimized by ransomware. Take the needed steps now by contacting us.403Tech Inc is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks and news. Contact us at (403) 215-7506 or send us an email at [email protected] for more information.