You’ve just returned to your computer from a much needed break from your workday to find a terrifying message on your screen. Your computer has been locked down and your files are no longer accessible. You know you haven’t been doing any of the illegal items listed on the warning, but your computer is still useless to you. Unfortunately, your system has been infected with a nasty piece of malware known as ransomware. Just what you needed on a Monday afternoon!
What Is Ransomware?
Ransomware is a type of malware that infects a computer and hijacks files to prevent access to data, effectively rendering the user useless until the issue is resolved. The virus encrypts data with a private key that is required to unlock the files, which is only provided after the “ransom” is paid. The price of the ransom varies depending on which version of the infection is downloaded, but generally costs several hundred dollars. Typically, this key is only kept for a few hours before it is deleted, making the infected user more likely to pay the ransom rather than contact their IT department to report the problem.
The biggest issue with ransomware is that it not only infects a computer’s system, but it creates a much deeper problem than most viruses due to the fact that simply removing the infection does not eliminate the issue. Without obtaining the private key for decryption, important files are still locked down and inaccessible. In addition to hijacking your local files, the virus will also search out for any network storage it can locate and infect these drives as well making any mapped drives from a server vulnerable to the attack. This leaves potential for a company outage until the issue is resolved.
Where Does Ransomware Come From?
The attack can come from several different places: the two most common being downloaded from an unknown source on the web, or clicking on a link in an email from an unknown person. The most recent iteration of the virus “Pacman” is sent in an email link which directs you to a Dropbox download which infects your system. The download does link you to Dropbox, which causes a serious issue, as many of our clients do use the application for their daily business activities.
What Can I Do To Protect My Computer?
What I tell all of my clients is that you are the first line of defense against viruses on your computer. You control the links you click and the websites you view. Therefore, it ultimately falls on you to ensure you are only clicking on safe links and reading safe emails. The biggest issue with downloading files from a website is there are almost always more than one download link on a page and only one of them actually links to the correct file.
If you are unsure of which link to click, or just want to be on the safe side, make sure to contact your IT department and have them install any software you need on your computer. An IT professional can ensure that the software is obtained from a legitimate source and is not installed with any additional bloatware (which often hides within common applications that are installed automatically).
MyITpros also offers an Advanced Endpoint Security (AES) service which is a comprehensive suite of applications that protects users from downloading and installing any viruses. AES includes Webroot antivirus which constantly scans the system and quarantines any found infections. The suite also includes Malwarebytes, which scans any files when opened and also blocks the IP addresses of known malicious websites. AES also includes OpenDNS, which protects you at the network level, by preventing access to known bad websites. The software also blocks any attempt that a ransomware application makes to obtain a key to lock down your computer.
These three products (when properly implemented) can prevent almost all malware. However, no system is 100 percent foolproof because attackers are always finding new ways to get past even the strongest defense. Any system covered by our AES is strongly defended. In fact, any cost associated with the removal of the virus on a system with these applications properly installed is covered by MyITpros in the unlikely event that a system becomes infected.
What if My Computer is infected?
If you are one of the unfortunate individuals who has been infected with ransomware there are a few options that you have to resolve the issue. The first and best option is to restore the files to a point before the infection occurred. This option is easy to implement and can be completed fairly quickly and painlessly as long as your files are backed up. The best way to ensure your files are backed up properly is to contact your IT department and ask which files are included with your backups. Knowing the details of backups also helps to determine which files will be accessible after the recovery.
Because of the cost, most of our clients do not choose to have us provide backup solutions for individual desktops. If so only files saved on the server will be recoverable. For this reason, proper use of your personal folder on the server is even more important than ever to ensure a minimum amount of data is lost in case of infection.
If there is no critical data lost, the removal of the virus is fairly painless and can be completed quickly to allow you to get back up and running after infection. In the rare case that all of your files are saved locally, and you do not have any backups of the information, the final solution would be to pay the ransom to release your files. The fortunate thing about this solution is you do get your files back and the virus will be removed afterwards. However, the cost of a typical ransom makes for an expensive lesson about the importance of backups and properly utilized data solutions.
If you have any questions about virus protection or backup solutions don’t hesitate to contact us. We will be more than happy to discuss your current configuration and make any suggestions to better protect your system from issues that may arise in the future.
[include id="13" title="Blog CTA How To Find The Right IT Services Provider"]
Our goal for this blog is to answer the questions you ask. If you have any questions about security or any other topic please email me at firstname.lastname@example.org. To learn more about IT subscribe to our blog.