Search
  • Keven Oates, Jr.

Ransomware 101




At it’s most basic level- Ransomware is a type of program that encrypts your data (leaving it unusable and unreadable), and demands you pay a ransom to get your data back.


This style of ransomware actually started way back in the 80’s, but today’s ransomware is more complex, and more dangerous then the ransomware of 40 years ago.


The ransomware of today will not only encrypt your data, but it also aims to steal and sell it to the highest bidder on the black market, and even if you pay, there is no way to ensure that your data will be safe.


There have also been cases of ransomware in cloud infrastructure, so it is not just limited to the data you may have on your PCs or physical server.


We’re going to break this down into three general sections:

        1: How you know if you have Ransomware

        2: What you should do if you have Ransomware

        3: How to protect yourself from Ransomware




How do you know if you have Ransomware:


Ransomware very often stays quiet when it first infects your network. It’s goal is to encrypt as much data as possible, and cluing users off to its presence wouldn’t help its objective. As the name Ransomeware implies, it wants to get your money. Once it encrypts as much of your data as it can, it will lock your PC down, and offer your data back in return for cash.





What should you do if you have ransomware:


If you do get ransomware- we recommend that you do not pay them, there is no guarantee that you will receive your data back either way- and the money from payments is what keeps the ransomware machine moving along.


Obviously, everyone’s situation is different. If you only have one pc on your network without any important data and you have money to burn, you could make this as simple as getting a new PC and destroying your old hard drive. However things get complicated as the amount and sensitivity of data grows. We’ve seen medical offices first hand get ransomware, and it’s not pretty.


We’ve also seen businesses that have called us in after getting ransomware, and they neglecting to make sure their backup was in good working order- also not pretty.


Our best recommendation if you get ransomware is to unplug your PCs from both power and your network. If you have laptops take out the batteries. Even if only one PC is showing symptoms, viruses can jump across devices on a network.


Then I’d call an expert in and get their advice. I wish that we had a one size fits all solution, but your best option can vary greatly depending on your industry and the size of your business. That’s not even considering any additional possible compliance issues if you have to contend with something like HIPAA.





How to protect yourself against Ransomware


This is where we focus most of our time, and where you should too. There are three main ways to protect yourself- good user security practices, backups, and software security options. Most ransomware attacks come through emails. The cheapest, and easiest thing you can do is train your staff to handle emails responsibly. Don’t open attachments or links that you weren’t expecting, even from known senders, and as a general rule err on the side of caution for any emails that you are unsure of.


Backups are the second easiest practice to implement. As an MSP, we manage and control our customers backups, but there are solutions like Carbonite and CrashPlan that businesses can fairly easily implement on their own. The trick here is you need to check in on your backup often. If there is an issue with your backup and you get Ransomware, it’s not going to do you much good.


There are also plenty of software security options you can explore- however this is best discussed with an expert as well, as some may be more or less effective for your business. For example there are 3rd party spam filters like ProofPoint that is used by thousands of companies. Even the act of making sure your spam filter on your current email provider is optimized can be a great improvement.


You can also consider a website filtering software that can block your PCs from accessing known dangerous websites, and of courses, great antivirus is a must.





We’ve made a commitment at Embrace to give back, and these articles are one way that we do that. If you have any suggestions for a video, or a topic that you’d like some help on, please comment below; and if you found this helpful, please like and subscribe, and do the same for our YouTube channel at https://www.youtube.com/channel/UCZ9jIKDz7jvAHPZwwKDV14g.



0 views

267-566-8092

200 Junewood Drive, Levittown PA 19055

©2020 by Embrace Computers.