Ransomware, in its most basic form, is self-explanatory. Data is captured, encrypted, and held for ransom until a fee is paid. The two most common forms of ransomware delivery are through email and websites.
Just recently one of our clients was the victim of a horrible ransomware attack. All of their files were lost. They had no access to their database, reports, year end accounting, etc. Talk about nightmare . . .
The only databases they have at this point are the ones that enSYNC holds because of the need to upload it to our parent company last week. Fortunately our team was able to spin them up a server and give them access to an iMIS database (which they are very grateful for as it is the only thing they have access to).
A ransomware attack is almost always initiated by clicking on something in an email that runs an executable. This could be an actual executable file or a macro in Excel. Most of the time it will appear to come from someone that you believe to be safe.
What to do when you are attacked
In the case of a ransomware attack even the most experienced computer users get into a panic. Therefore, every employee should know exactly what to do if they get attacked by ransomware . . . EVERYONE!
For remote staff – if you are connected to a VPN, not only could it encrypt the files on your own computer, but it could encrypt all of the files on shared drives and anyone connected to those shared drive.
For office employees – it could encrypt everything on the network.
Best practices for preventing an attack:
- Start with a good antivirus and firewall system. Keeping this security up to date is critical.
- Keep good backups. This is the best and fastest way to regain access to your data.
- Consider using cloud services. These systems often retain previous versions of files to all you to roll back to an uninfected time.
- Keep your operating system and other software up to date as well, because they include patches for new vulnerabilities as they are discovered.
- Do NOT click on a link or an attachment in an email if you are not expecting it or if it comes from an unusual source.
- If you see something suspicious in your email, TELL OTHERS so they don't click on it
Best practices if you have been hit:
- Don't pay the ransom, because it only encourages the scoundrels. That's why prevention with good security software and backups is so important.
- If you do happen to open one of those nasty emails and click on the link, turn off the wireless on your computer immediately to get it off the network.
- Turn off your computer as well.
- Call your IT department STAT.
If you would like more info on ransomware attacks, visit this website.