Ransomware is a particularly nasty type of Malicious software, a bit like a very nasty computer virus. Once it’s installed itself on your computer it encrypts all the documents, videos, photographs, and any other user data it can find, both on that machine and any other machines or disk drives it can see on your home or office network. Once it has encrypted or scrambled all your important data, it then announces what it’s done and asks for a payment to be made to unlock your files. So in effect it’s holding you to ransom, hence the name.
Now you understand why you should be worried about this sort of attack. Every single data file, either personal documents or company data, will be completely useless. So do you pay the ransom, this is usually several hundred pounds in an untraceable Internet currency called bitcoins? The police force Cybercrime departments usually advise against paying these ransoms, as there is no guarantee that payment will, in fact, persuade the perpetrators to unlock your files.
So, what can you do to protect yourself from this particularly nasty type of attack?
Well, you can do two things:
1. Try not to let Ransomware onto your machine in the first instance.
2. Make sure you can recover all your data in the event you do get infected with this Malware.
So, how do these criminal Internet gangs get the Ransomware onto your computer?
The most common method is to send you an email containing a hyperlink or more commonly an attachment. This email usually is about an unexpected large payment into your bank account, or a large charge to your credit card, or some court papers, or a parking ticket, or a speeding fine. I have seen emails using each of those tactics, but there are probably more. The senders are trying to make you open the attachment or click on the hyperlink in the email. As soon as you do this, then the Ransomware is installed onto your machine, and the damage has been done.
So the best protection is to NEVER, open any email attachment, or click on a link in an email if it looks the slightest bit suspicious. If you don’t know the sender, just delete the email. If you do know the sender give them a call and check the email is genuine BEFORE opening the attachment or clicking the link. Make sure you have an Internet Security Suite, like AVG Internet Security, or Norton, or McAfee, on your machine and keep it up to date; but be aware the security suite alone will not protect you completely. If you open the attachment or click on the link, you are definitely at risk.
What do we do if we have accidentally let the Ransomware into our machine and have the dreaded ransom notice in front of us?
You need to turn off your PCs and get the Ransomware software removed. That job is going to require the services of your IT department or whichever external IT support company you use.
Alongside that job, you need to recover all your data from the last “off network” backup that you have. What do I mean by “off network”? Well, the backup media cannot be connected to your network. Otherwise, that will have also been encrypted, so a backup drive permanently connected to your PC or network isn’t any use in this particular scenario. The backup media needs to be a USB memory stick or external hard drive that is REMOVED after the backup has finished. You can use a series of six or seven sets of removable backup drives, swapping them daily. That gives you six or seven days to realise you have been attacked before your last good backup has been overwritten.
Some people find the manual backup method a chore, so more and more of our customers are moving to automatic “off network”, cloud backup solutions. The one we use keeps older copies of your data for a full 30 days, giving you plenty of time to realize you have been infected, and this particular system has been proven to be successful in completely recovering from a Ransomware attack.
If you need more information on protecting yourself from Ransomware, we are always happy to offer free advice.