Ransomware has become the bogeyman of the IT world, sending managers, freelancers and, well, just about everyone really, into a sweat. It seems like it’s a new threat, but it’s thought that the first versions – scareware – started hassling people way back in 2005.
What is ransomware?
Scareware used to frighten people into believing that all their information would be broadcast to the world at large if they didn’t pay up before the deadline; but in reality, this threat had no basis at all. The malware couldn’t get into any files and it preyed on the less-savvy users out there.
Cryptographic ransomware does have some weight behind it, however, because it encrypts files, blocking users from their own information! Generally, the ransoms range from £80 to £200, which desperate people sometimes pay. This only encourages the criminals, which is why ransomware is so widespread.
How does it work?
Ransomware isn’t a virus – you have to let it in, usually through poor security. Very sophisticated phishing emails that look exactly like they came from your bank are so convincing that they’ve duped even security-conscious people.
The ransomware usually involves an innocuous attachment, but within the attachment is another file. Once it’s installed, it starts to gather your information, ready for its activation. Sometimes it’s automatically activated by a timer, or it can be activated remotely. Once activated, it starts to encrypt target files, then you’ll get the ransom messages. This is when you call your IT support in Birmingham for help.
How do you protect yourself?
Quite simply, you and your staff need to be more careful!
Back up everything
Ransomware relies on there being only one copy of a file; if you can access another copy, then the scammers can whistle for their £200. It’s boring, but it’s more vital than ever. You should back up regularly and store copies safely off-network.
Keep everything up-to-date
Ransomware needs people and businesses to be lax when it comes to security, or a bit passive about it. Prevention really is better than the cure here, so make sure all your security software is updated, on all of the devices on the network, so that there are no handy exploits.
Use the cloud
So, there’s backing up, updating, good email hygiene and external storage. There’s also the cloud storage solution; cloud systems can be hacked, but they update very regularly so there’ll be several copies of each of your files.
Train your people
You need to train everyone, from juniors to the CEO, to handle emails properly and to look out for spoof emails or phishing attacks, as well as any other red flags like hidden file extensions. Make sure everyone reads emails from the IT support people, as these often contain security information and warnings.
Don’t trust anyone
The more convincing an email looks, the more likely it is that someone will download the attachment. Make sure no-one downloads any attachments from an external or unusual source without screening them first. It may be better to avoid attachments full stop until an IT bod has had a look at them.
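An added example, not part of the original post, of the screening advised above: it flags the hidden (double) extensions mentioned under training and looks inside zip attachments for the nested file described earlier. The extension lists, size limits and function names are assumptions for illustration, and the sample archive is constructed.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed lists for this example; tune them to your own mail policy.
RISKY = {".exe", ".scr", ".js", ".vbs", ".wsf", ".bat", ".cmd", ".ps1", ".hta", ".lnk"}
DECOY = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
RTLO = "\u202e"  # right-to-left override: reverses how the rest of the name displays
MAX_DEPTH, MAX_BYTES = 3, 20_000_000  # limits so a hostile archive cannot exhaust us


def name_flags(filename):
    """Return the reasons one filename looks deceptive or dangerous."""
    flags = []
    if RTLO in filename:
        flags.append("right-to-left override in name")
    path = PurePosixPath(filename.replace("\\", "/"))
    suffixes = [s.strip().lower() for s in path.suffixes]
    if suffixes and suffixes[-1] in RISKY:
        flags.append("executable type " + suffixes[-1])
        if len(suffixes) > 1 and suffixes[-2] in DECOY:
            flags.append("double extension hides " + suffixes[-1])
    return flags


def screen_attachment(filename, data, depth=0):
    """Check an attachment's name, then look inside zip archives for nested files."""
    findings = [(filename, flag) for flag in name_flags(filename)]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return findings
    if depth >= MAX_DEPTH:
        return findings + [(filename, "archive nested too deeply to inspect")]
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in (i for i in zf.infolist() if not i.is_dir()):
            if info.flag_bits & 0x1:  # encrypted member cannot be inspected
                findings.append((info.filename, "password-protected member"))
            elif info.file_size > MAX_BYTES:
                findings.append((info.filename, "member too large to inspect"))
            else:
                findings += screen_attachment(info.filename, zf.read(info), depth + 1)
    return findings


def build_sample():
    """Constructed sample: a zip holding a harmless note and a disguised script."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "statement enclosed")
        zf.writestr("statement.pdf.js", "// placeholder, not real code")
    return buf.getvalue()
```

Any non-empty result from `screen_attachment` is a reason to hold the message for IT review rather than deliver it.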
Don’t pay a penny!
You’ve got other copies of that essential file, right? So, don’t part with a bent penny. The number of ransomware attacks has rocketed in recent years because people have paid the fee.
Additionally, there’s no certainty that the scammers will actually decrypt your files once you’ve paid! If these teams know they’re less likely to get paid, they’ll get the message that ransomware isn’t as lucrative as it used to be.
This post is in association with Probrand