Everyone seems to have at least a basic understanding of what a computer virus is, but often when you speak about ransomware, people are not sure what it is, the damage it can do and how to protect themselves.
What is Ransomware?
Ransomware is a form of malicious software which aims to install a file lock over certain types of files, usually text, spreadsheets and presentation documents.
Once the lock is installed, you won’t be able to access any of your files without a decryption key which only they can provide for a price.
They also set a time limit for you to make a decision, and at the end of the time limit, all your documents are locked forever, which of course is aimed to add a little more stress to the situation. It is basically a hostage situation but with all your personal documents.
How does Ransomware gain access to your system?
There are a number of routes ransomware can take to get into your system, but the most common way is through attachments on e-mails.
This can be phishing spam, where the e-mail has the look and feel of a genuine e-mail from a real contact, but is actually someone either trying to get information from you, or trying to put something like ransomware on your machine, or it could be that one of your contacts have had their e-mail account hacked and the attacker is using their account to send out these threats.
The downloading and opening of these attachments are the key behind ransomware getting on your system, and once it starts, it will spread throughout the network.
Who is usually targeted by Ransomware?
The answer to this is businesses, as the attackers are usually asking for considerable sums to decrypt the files, which general home users usually won’t or can’t pay.
The unfortunate thing is though, that general users can get caught up in it if they open the wrong e-mail, so it is still worth following the steps given below to give yourself the best chance of avoiding an attack.
How can I prevent ransomware getting on my system?
Safe e-mail practices
- Be very suspicious of emails from people or businesses you don't know, particularly ones that promise you money, good health or a solution to all your problems. In business terms, a fake invoice is usually the 'go to' scam.
- Be suspicious of unexpected emails from your bank or financial institution. Remember banks do very little business via email and never ask for confidential information via email.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
- Don't email personal or financial information.
- Don't reply to email or pop-up messages that ask for personal or financial information, and don't click on links in the message or paste a link from the message into your Web browser.
Up-to-date Anti-Virus and Malware protection
An all in one up-to-date anti-virus service will give you a good chance to defend against ransomware.
Although not always 100 percent, they will often detect when a malicious program finds it's way to your machine and block it from actually running.
Keep your operating system patched and up-to-date
This is sometimes the most overlooked one, we all hate when we come into the office in the morning, and have to see “Windows is installing updates” screen, however it is necessary. Malicious software can exploit vulnerabilities in your operating system, and Microsoft spend a lot of money trying to stay ahead and fix these vulnerabilities in their system.
If you don’t run the updates then you may still be vulnerable to an attack.
If the worse does happen, and you do find yourself with ransomware on your machine, then by far the best option is to rebuild your machine, and reinstate one of the regular backups you have taken. Of course there is the hassle of having to do this, but it's much better than dealing with the alternative.
We here at Enterprise Systems have plenty of experience installing backup systems, so feel free to get in touch if this is of interest to you.
Should you pay the ransom?
This is a debate not suited to this short article, my personal feeling is that if everyone unified and no-one paid then these attacks wouldn’t be out there and the world would be better. However I understand that when a business is hit, especially a big business, the first thing that likely happens would be the cost/benefit analysis.
Attackers tend to keep their prices around the £1000 mark, which is an amount companies will usually take up, rather than put up with the associated disruption.
Should you pay the ransom?
Generally, if you follow the e-mail guidance given above, and perform regular backups of your system then you shouldn’t have any issues with Ransomware. The key is that it’s a lot easier to prevent a ransomware attack, than to recover from one. If you’d like any more information on Ransomware, or would like us to help you protect your business against a potential attack, then please get in touch.