Ransomware

Ransomware has been in the news recently after it has emerged that a number of UK Universities and NHS Trusts have been targeted.

It is a type of software virus, commonly known as Malware, which locks a PC or some of its content and then demands a ransom payment to regain access.  The most common ways ransomware can end up on your PC is via an email download (e.g. an attachment), or with a download from a compromised site.  These are often disguised to look like legitimate files.  Ransomware can also infect your PC through ports open for the internet, like ones open for RDP.

Once your PC is infected with ransomware, it can be very difficult to remove or circumvent.  Some ransomware can also encrypt mapped drives (anything named e.g. d:, e:, f:, and k:), so could even affect USB or network drives. This could mean you lose access to all of your files, which could have a crippling effect on a small business.  Paying the ransom is not advised, as there is no guarantee you will get your data back, and there are very few legitimate ways to recover the data.

Having a solid prevention plan is the best way to avoid problems.  This should include:

Spam filter – filters out emails that it thinks contain malware.  No spam filter works perfectly, but it’s a good first line of defence

Firewall – a firewall may be able to detect any attempt by the ransomware to contact its server.  If it manages to disrupt this communication, the data can’t be encrypted

Anti-virus program – having reputable and up-to-date anti-virus software will protect your files, however malware gets updated and modified regularly, so it can be difficult for security companies to keep up

Regular Backups – If you are backing up regularly, you will be able to roll back to a version of files that weren’t infected with malware.  Having a robust backup plan is the best way to deal with the ransomware problem.

Most ransomware attacks are opportunistic in nature.  If you are careful about which files you open and have prepared a security plan, you should be able to avoid the trouble.

Leave a Reply

Your email address will not be published. Required fields are marked *