Ransomware is a form of malware—or malicious software—that prevents you from using your computer and/or encrypts your data to block you from accessing it until you pay a ransom. Some studies say that a small or medium-sized business will be infected by ransomware every 40 seconds! Moreover, 1 in 5 victims who pay the ransom will never get their data restored. Ransomware continues to be a leading threat to businesses in 2018, but you can get ahead of the game by checking out this ransomware information roundup.
Common methods of acquiring ransomware:
- Spam email containing malicious links or attachments
- Redirects to malicious websites
- Legitimate websites containing malicious injected code
Common signs that you’re infected:
- A popup that prevents you from closing it and tells you that you must pay to access your content
- Files that won’t open, or errors such as “Windows can’t open this file”
- A website or text file that automatically opens and tells you that your files are encrypted
Common methods of prevention:
- Up-to-date antivirus program
- Operating system and software patched and updated regularly
- Don’t use administrator accounts for daily use
- User education on email spam/attachments
What ransomware looks like
Below is an example of a type of ransomware called CryptoWall, which appeared in the form of a popup on the screen of the infected source:
What to do if infected
If you suspect that you’ve been infected by ransomware, you should immediately power off the system and unplug everything. Ransomware can easily spread from a single workstation to any accessible media—including external hard drives, network shares, servers, data backups and so on—and cutting the source of power can help stop other sources from becoming infected. Next, contact your managed IT services provider to report the suspected ransomware. Your MSP can work with you to determine what may have been affected, as well as to potentially restore missing data.
Bottom line: Some versions of ransomware will not only affect the workstation that activated them, but can spread into network drives and backups. Because it is so easy to acquire and spread ransomware, you must be careful when clicking links or opening attachments, especially from unfamiliar sources.
In addition to using the tips above, we highly recommend working with an IT professional to determine the best way to regularly back up your data and prevent that data from being hijacked. If you’re unsure about where to start, MyITpros is happy to talk with you about our security services and help you figure out your next steps!