Defense Against the Dark Arts: Ransomware

Call Gnosys today for your free consultation! 352.870.2034

Defense Against the Dark Arts: Ransomware

Defense Against the Dark Arts: Ransomware

What is ransomware?
Ransomware is malware that holds the victim’s files hostage by encrypting them. The malware then displays a note demanding ransom in exchange for a decryption key. Some ransomware, in an attempt to put a little fear into the user, will claim to be from the police, the FBI, or some other type of law enforcement agency. The ransomware may even be able tell what country you’re in and customize its note to seem even more authentic.

How does ransomware get onto your computer?
The most common way that ransomware arrives on your computer is through attachments in spam emails. These malicious emails may have what looks like regular documents attached. Common ones are “invoices” or “fax mail” or “documents from a copier.”  Once you open them, your computer is at risk of becoming infected with malware. Another vector used by ransomware is through attack websites. These may be malicious websites, set up by criminals for the sole purpose of infecting anyone who visits the site, or they may be legitimate websites that have been compromised by the criminals and used to spread malware.

Ransomware goes mobile
The cyber criminals know that many people these days use smartphones and tablets to surf the net and they have seen a huge opportunity to make money from this. Unfortunately, ransomware for mobile devices is becoming more common and there are now plenty of threats that can lock your smartphone or tablet or even encrypt the files stored on these devices.

What if you do get infected?
If you do get infected with ransomware, don’t panic. First know that the police and other law enforcement agencies will never lock your computer or encrypt your files and ask you to pay a fine over the internet. On the subject of paying, this is definitely something you should never do. Paying the ransom does not guarantee your computer or files will be unlocked; often the bad guys just take the money and run without unlocking the computer.

There are many different ransomware variants (CryptoLocker, CryptoWall and others) and depending on which type you have been infected with, there may be a simple solution to removing most of the infection. You will still need to ensure that there are not some bits of it hiding to run again at some future point.  If your files have been encrypted, you will need to restore them from a backup.

If you don’t feel confident trying to remove the ransomware yourself, ask for help.

Protect your files
On your computer:

  • Don’t open attachments from people or organizations you do not know and be suspicious of ones coming from seemingly known sources that you are not expecting.
  • Make sure you have comprehensive security software installed, such as Symantec Endpoint Protection, Malwarebytes, Avast or SpyHunter.
  • Keep the operating system and software on your computer up-to-date by installing the latest security patches and updates.
  • The most important safeguard and the only one certain to work is to have solid backups both on and offsite.

On your mobile device:

  • Avoid downloading apps from unfamiliar sites and only install apps from trusted sources.
  • Install a security app, such as Norton Mobile Security or Lookout.
  • …And yes, the best thing here is also backups.

These simple measures can save you tons of money and hours or even days of downtime for your business. Gnosys Networks offers all of these services and more for your business. Call us!