Are you exposed to the threat of Ransomware?
Ransomware is a type of malicious software that blocks access for a user or to a company’s files or computer system unless they pay a ransom.
Ransomware can target anyone, from individuals and small businesses to large organisations or Government Departments. It can prevent you from using your computer or accessing your data by encrypting, or scrambling, your files so they can’t be read.
The attacker will demand that you pay money — a ‘ransom’ — to get your files back. They’ll often ask for payment in an online currency like Bitcoin, which is harder to trace.
The ransom is often quite small, to encourage people to pay it. The attacker will assume that it’s easier for you to pay the ransom than to get someone to fix the problem. But, it’s important to know that paying a ransom doesn’t mean that you will necessarily be able to access your data again. More often, the attacker will simply take your payment cease contact, leaving your files encrypted, or demand more money.
- Do not open suspicious emails
- Refrain from visiting suspicious websites
- Backup data frequently and keep them offline
- Install the latest patches and updates
- Keep anti-malware programs up to date
- Update firmware on firewalls and test that they are secure
There are three main types of Ransomware
Crypto-ransomware encrypts your files with an unknown password. The password is randomly generated by the attacker to make it impossible for you to guess. You won’t be able to access your files unless the password is provided by the attacker.
Lockscreen ransomware works by locking your computer or your files. A message will appear on your screen telling you that you need to pay a ransom before you get access back. You won’t be able to remove the message or access your desktop, your apps, or any of your files.
pay-or-we-will-leak-your-data – This method steals your data and then the operators make extortion demands to leak data if they’re not paid. They may also encrypt the data. Websites have been created where they list all the victim companies who didn’t pay and have started leaking some of their data.
Preventing a Ransomware attack
Here’s what you can do to reduce the likelihood of a ransomware attack on your computer.
- Update your operating system and your apps when new versions are available. You can set this up to happen automatically with Windows and a lot of other applications like Office.
- Make sure you back up your files regularly. This includes the files on your servers, computers, phones and any other important devices. You can:
- Do an ‘offline’ or ‘cold’ backup. Back up the data to an external hard drive and then remove the hard drive from your device
- Do a cloud backup or speak to Acclaim about our managed online backup hosting service for servers and workstations.
- Install antivirus and anti-ransomware software on your computer if you don’t already have it, and update it regularly.
- Install a firewall to stop traffic from untrustworthy sources getting into your network and computer.
- Don’t enable macros in Microsoft Office.
- Talk to Acclaim about ensuring your support contracts — with your antivirus provider or your firewall provider for example — are up to date.
If you’re affected by ransomware
Talk to your Acclaim engineer as soon as you are aware that your computer or network may have been targeted by ransomware.
There’s a number of steps that may be taken to fix your computer if it’s infected by ransomware. Restoring your system from your most recent backup may erase the ransomware – but note; sometimes the ransomware may be resident on your system for a while before it deploys. It’s important that your backups are tested to ensure they are not encrypted or carrying the ransomware.
Acclaim will also:
- Confirm if you have ‘real’ ransomware on your computer. Attackers sometimes install fake ransomware to scare people into paying them.
- Attempt to get rid of ransomware from your computer, depending on the type of ransomware it is
- restore your computer to its factory settings and rebuild it for you if we can’t get rid of the ransomware — this may also erase all of your files.
- advise you on security to protect yourself in the future.
- install appropriate security protection.
We recommend you don’t pay the ransom, as there is no guarantee you’ll get your data back.
It could also put you at risk of further attacks — if an attacker sees that you’re willing to pay them, they could simply target you again. Paying ransoms supports this kind of criminal activity.
Acclaim Group
Contact Details
Unit 4, 6-8 Omega Street
Albany, Auckland
Phone: +64 9 415 0984
Email: sales@acclaimgroup.co.nz