Over the past few months we have had a few clients come to us with the same problem, their computer is locked and they can no longer access their important files or applications. Databranch has been able to help all but one recover their systems. The difference between the clients we could help and the one we could not is backup. This is why we emphasize the move to business continuity and our preferred solution, Datto, to all customers and prospects. It’s that important. When we have succeeded against this newest strain of malware, the victims have all had a recent, comprehensive backup to restore from.Below I will breakdown what ransomware is, ways to prevent it, and how to take back your computer if you happen to be hit.
What is Ransomware?
- Malicious software (Malware) that infects your computer and restricts access until you pay a ransom to unlock it.
- Common strains are CryptoLocker and CryptoWall
Signs That Your System has Been Infected
- Any prompt asking you to pay money to decrypt your files. One common reason the attackers give for locking your machine is that you have done an illegal activity on your PC and are being fined by your local police force or the federal government. Always remember that these are false claims attempting to scare you into paying the ransom and that reputable organizations would never work in this manner.
- Increase in pop-ups especially concerning your anti-virus or memory usage.
- Sudden changes in your computer speed. If you turn on your computer one morning and it’s running much slower than the day before you should investigate what’s causing the changes.
Should I Pay the Ransom?
- NO – There is no guarantee that paying the ransom will make the criminals hand over the key to your files and by paying you may be allowing them to gain greater access to your system and strengthen their attack.
How Can I Prevent Ransomware?
- Have a business-class anti-virus installed and performing regular updates on your server and computers. We recommend Symantec Endpoint Protection Cloud Edition.
- Keep all software up to date. Applying updates as soon as they become available is imperative to keeping the bad guys out. When you wait because you’re too busy or don’t want to deal with possible changes or a computer restart, you leave your network exposed because the most common reason patches are released is to fix security flaws in your programs.
- Make sure your business has a firewall installed on your network and that it is turned on at all times. Having a firewall defending your network is a great first step to block out hackers and viruses. (Want Databranch to manage your anti-virus, Windows updates, and firewall? Click here to learn about our managed service offerings!)
- Avoid clicking on any links or attachments from unknown senders. If you receive an email from someone you know and regularly communicate with and it looks suspicious, trust your gut and reach out to the sender before opening anything from them.
- Be wary about what websites you visit and what software you download. Recently, ransomware has been found in advertisements on popular sites like Yahoo and oftentimes the “free” software you find online is riddled with malware.
- Prepare for the worst and implement a backup solution that stores your data off-site and is not directly attached to your device. Click here to learn more about Databranch’s recommended backup solution.
My System has Been Infected! What Should I Do?
- Turn off your computer
- Disconnect your computer from the network.
- Contact Databranch or your IT service provider. Ransomware is continually evolving and becoming more destructive. Databranch can help remove the malware from your system and restore your data from your most recent backup.
Have you experienced a ransomware attack? Share your story or ask any questions in the comments below!