Ransomware can ruin your day. It can be an annoyance or it can wreck you company or organization. The most important piece of advice we give our clients that, in spite of everyone's best efforts, should they be attacked by ransomware is to first: DO NOTHING! Call us. We've been quite successful in helping to recover from ransomware attacks, even for those who are not our clients. However, once non-technical people start trying to fix an attack themselves, things can spiral out of control very quickly. This article from our friends at Norton by Symantec provides basic advice for individual and small systems users. It also contains good general advice for users and systems of all sizes.
Malicious software that uses encryption to hold data for ransom has become wildly successful over the last few years. The purpose of this software is to extort money from the victims with promises of restoring encrypted data. Like other computer viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it. Ransomware, as it is known, scores high profile victims like hospitals, public schools and police departments. Now it has found its way into home computers.
The nefarious ransomware business model has turned out to be a lucrative industry for criminals. Over the years its ill repute has made law enforcement team up with international agencies to identify and bring down scam operators.
Most of the ransomware attacks that have taken place in the past have been linked to poor protection practices by employees.
There are a few dos and don’ts when it comes to ransomware.
- Do not pay the ransom. It only encourages and funds these attackers. Even if the ransom is paid, there is no guarantee that you will be able to regain access to your files.
- Restore any impacted files from a known good backup. Restoration of your files from a backup is generally the fastest way to regain access to your data.
- Do not provide personal information when answering an email, unsolicited phone call, text message or instant message. Phishers will try to trick employees into installing malware, or gain intelligence for attacks by claiming to be from IT. Be sure to contact your IT department if you or your coworkers receive suspicious calls.
- Use reputable antivirus software and a firewall. Maintaining a strong firewall and keeping your security software up to date are critical. It’s important to use antivirus software from a reputable company because of all the fake software out there.
- Do employ content scanning and filtering on your mail servers. Inbound e-mails should be scanned for known threats and should block any attachment types that could pose a threat.
- Do make sure that all systems and software are up-to-date with relevant patches. Exploit kits hosted on compromised websites are commonly used to spread malware. Regular patching of vulnerable software is necessary to help prevent infection.
- If traveling, alert your IT department beforehand, especially if you’re going to be using public wireless Internet. Make sure you use a trustworthy Virtual Private Network (VPN) when accessing public Wi-Fi like Norton WiFi Privacy.
Ransomware criminals often attack small and medium sized businesses. Among other cyber attacks, ransomware is one criminal activity that can be easily worked around with the above-mentioned solutions.