Dealing with Ransomware

May 17, 2016

Ransomware such as Cryptolocker has made a lot of headlines in recent months mainly because it can cost you dearly. But also because it has affected a large number of people. Most of us know someone or have heard of companies that have had to deal with this type of situation. And it can be very devastating to a company.

So, exactly what is Ransomware?

Ransomware is a type of malware that infects your computer and encrypts and locks your data files. Then, typically, there is a warning screen alerting the user that the system has been locked and they must pay a certain amount of money within (generally) 72 hours or the data will be deleted, destroyed or otherwise unable to be unlocked.

How much is the Ransom?

We have seen ransom’s of anywhere from $300 to, most recently, a California hospital that paid $17,000 and it can depend heavily on who’s computer has been locked. If it is a higher profile company, the higher the ransom.

What should I do to help prevent it?

The 3 best things to do are; Make sure you have Antimalware software for your computer that is up to date, Backup your data and use a DNS service.

Even with the most up to date Antimalware software, new malware is always out there that may not be detected. With a good backup of your data, at least nightly or as we like to say “backup your data as often as you can afford to lose it”. That means, if you can go for a whole week and lose the sum of what you have done that week without being affected then you only need to backup once a week. For most people that is not often enough so we highly recommend a nightly backup of your data.

What is a DNS Service?

DNS services block phishing websites and help prevent malware. Some offer customizable filtering and even parental controls but the main reason you want it is to prevent ransomware programs from being able to contact their site or “phone home” as it is referred to. If the ransomware cannot contact its home site it cannot encrypt your files. DNS services block these sites and prevent files from being encrypted.

Why is a data backup so important?

If you have a good backup, the ransomware is generally easy to remove from the system. The encrypted data can be deleted and the backup data can be restored, thus, the only amount of down time and loss is related to what you have done that day to the point you were infected and the time it takes to restore the data. Generally, a lot less the ransom would cost you.

If you pay the Ransom, are you guaranteed to get your data back?

The simple answer to this is no. remember, you are dealing with criminals. That being said, it is in their best interest to release your data once you have paid. If they don’t, no one would pay the ransoms after a while.

Should I call the Police or the FBI? Isn’t this a crime?

You should always report crime, that being said they will probably not be of much help. A recent statement from the Boston Bureau of the FBI stated “it’s up to individual companies to decide for themselves the best way to proceed. That is, either revert to back up systems, contact a security professional, or pay”

If you have questions or would like to inquire about Antimalware protection, Backup services or DNS services, please contact us at sales@acaciait.net

Posted in Security, Technology News and tagged , , , , ,