Imagine waking up in the morning, picking up a coffee and sitting down at your office computer to check the latest Facebook wall posts and there it is … a message telling you that someone has 'locked' your system and is demanding payment of a ransom to release your files.
Larger institutions have become targets for ransomware attacks, such as the Hollywood Presbyterian Medical Center in Los Angeles, where a computer system was recently compromised by attackers who demanded 40 Bitcoin (~$17,000.00) before they would remove the ransomware and return the hospital's access.
Ransomware attackers are using more and more sophisticated techniques all the time, and their best efforts have produced a popular family of infections like Cryptolocker, Crytowall and most recently TeslaCrypt.
Cryptolocker debuted in late 2013 and targeted many computers running Windows, hitting hard and fast. The IT world barely had enough time to figure out what it was dealing with. It didn’t take long for users to report a new, unknown virus that took control of their computers by locking down files and demanding a ransom in return for access.
Cyptowall came into the spotlight in April of 2014 and targeted all versions of Windows including Windows XP, Windows Vista, Windows 7 and Windows 8.
TeslaCrypt is the most recent addition to the family and appeared in late 2015 targeting computers with certain gaming software installed.
Ransomware itself is evolving and that’s bad news for everyone … except the attackers. Just as they're constantly looking for ingenious and novel ways to keep their revenue stream alive, users need to try and stay one step ahead of them if we hope to protect our data.
What do you do after being hit by Ransomware?
- Call the authorities. While they will not be able to help you, at least you will have reported the crime for the record.
- Shut down and isolate the infected computer. Disconnect from the network to prevent further damage.
- If you back up on a separate hard drive you may be able to take the last back up and restore your machine from a previous point in time to get yourself up and running.
- Barring a restored backup, decide whether or not you’re going to pay the ransom. If you decide to pay, there is a pretty good chance that it will be in a virtual currency and because digital currencies cannot be tracked, there is no guarantee that the attacker will unlock your files.
How can you protect yourself?
The solution to this is frighteningly simple:
- Back-up your data. If you have a solid, frequent back-up process, you should be able to recover most if not all of the data which was locked or encrypted by an attacker.
- Ensure that you have security software installed and your subscription is current. Keeping your operating system, browser and plug-ins up to date will help reduce your exposure to vulnerabilities.
- Get a Mac. To date, attackers haven’t gotten around to writing Ransomware for OS X since infecting Window’s machines has been so profitable.
When Ransomware first hit the scene back in 1989, it sent perplexity through the computer industry. Since then, we have developed better protections. Ransomware will always be a problem. As people become progressively more security-savvy, it will continue to affect us less and less every day.
Find out how DataStealth can help with Ransomware.
Call us today.