There are three levels of ransomware. Ransomware is a type of malicious software which is designed to block your access to your computer until you pay a specific amount of money.
1.) Scareware – These are lowest on the totem pole and include fake anti-virus and anti-malware clients detecting non-existant issues and demanding money for the program to fix it.
2.) Browser/Screen locking ransomware – Think of the FBI moneypack virus where they claim to have detected illegal activity on your computer and demand a “fine” to prevent further prosecution.
3.) Encrypting ransomware – This ransomware is the worst of the worst and encrypts all of the files on your machine and demand money be paid by a deadline date (typically 72 hours) in order to decrypt them.
Millions of ransom attacks are attempted on companies both small and large each year
-NPR, All Things Considered
Ransomware will encrypt all of your files including financial documents, confidential information, medical documents, etc.
In addition to the above dangers some ransomware will threaten to leak the information that has been encrypted online. This is a severe threat and a danger to customer information.
Law enforcement officials encourage businesses to pay the ransom as it’s the quickest and only way to retrieve your files but we don’t recommend it as there is absolutely no guarantee that you will be given access to your files again. It also makes you a target for future attacks.
So now that we talked about what ransomware is. How can you prevent falling victim to this attack?
There’s no foolproof way to guarantee 100% that you won’t be infected, but taking the below steps will decrease your chances of infection significantly:
1.) Ensure your operating system, browsers, accounting and other software are up-to-date. This means when that window pops up asking if you’d like to update your application, you should absolutely click yes.
2.) Educate end users. It’s important that your employees and coworkers are properly educated on detecting scam campaigns, suspicious websites, and other phishing attempts including social engineering.
3.) Frequent backups are crucial in the event of an infection. Having a backup on a network resource is not safe either as most ransomware infections can traverse the network and mapped drives some can even encrypt data on unmapped network shares. It’s for this reason that we highly recommend having an off-site backup in addition to your local backup.
4.) Use Anti-Virus, Anti-malware, and a firewall to protect yourself.
If you’ve been infected please call us at (843) 608-6560 and we can help restore your business and offer guidance for preventing the attack in the future.