Whenever you are in doubt about an email, just don’t click on it. Send it to your IT department to check its legitimacy first. Phishing emails are becoming the norm for spreading ransomware. Rockdale County, GA was hit with a ransomware attack on February 6, 2020. It was identified as coming in through email, and 4 examples were identified as phishing emails. As is common with ransomware attacks, no personal information was taken; the ransomware encrypted Microsoft Office related files and redirected the Windows startup process.

At this time, Rockdale County is spending $15,000 to train employees on what to click and what not to click. The easy thing is to just not click. I have always said your best defense is education. You can put a network around Fort Knox, but if a user clicks on an email, the ransomware can quickly spread.

Just Don’t Click

According to Homeland Security, the following procedures should be followed immediately upon suspecting a ransomware attack.

  • Isolate the infected computer immediately. Infected systems should be removed from the network as soon as possible to prevent ransomware from attacking networks or share drives.
  • Isolate or power-off affected devices that have not yet been completely corrupted. This may afford more time to clean and recover data, contain damage, and prevent worsening conditions.
  • Immediately secure backup data or systems by taking them offline. Ensure backups are free of malware.
  • Contact law enforcement immediately.
  • Collect and secure partial portions of the ransomed data that might exist.
  • Change all online account passwords and network passwords after removing the system from the network. Furthermore, change all system passwords once the malware is removed from the system.
  • Technology Services installed additional protection/detection software on every computer in the environment.
  • Additional rules/settings were added to the device protection software.
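
The attack described above encrypted Microsoft Office files, so one quick way to scope the damage on a share, or to spot-check a backup before restoring from it, is to compare each Office file's leading bytes with the signature its extension implies. This is an added Python example, not part of the original article or any agency's tooling; the function names and sample files are constructed for illustration, and it assumes the ransomware overwrote the start of each file.

```python
import os
import tempfile

ZIP_MAGIC = b"PK\x03\x04"                        # OOXML: .docx .xlsx .pptx
OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy: .doc .xls .ppt
EXPECTED = {".docx": ZIP_MAGIC, ".xlsx": ZIP_MAGIC, ".pptx": ZIP_MAGIC,
            ".doc": OLE_MAGIC, ".xls": OLE_MAGIC, ".ppt": OLE_MAGIC}

def classify(path):
    """Return 'intact', 'password-protected', 'suspect' or 'skipped'."""
    expected = EXPECTED.get(os.path.splitext(path)[1].lower())
    if expected is None:
        return "skipped"
    with open(path, "rb") as fh:      # read-only: evidence is not modified
        head = fh.read(8)
    if head.startswith(expected):
        return "intact"
    # Password-protected OOXML is legitimately stored as an OLE container.
    if expected == ZIP_MAGIC and head.startswith(OLE_MAGIC):
        return "password-protected"
    return "suspect"

def triage(root):
    """Walk root and map each Office file (relative path) to its verdict."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                verdict = classify(full)
            except OSError:
                verdict = "unreadable"
            if verdict != "skipped":
                report[os.path.relpath(full, root)] = verdict
    return report

def demo():
    """Triage a constructed sample share (file names and bytes are made up)."""
    samples = {"budget.xlsx": ZIP_MAGIC + b"\x14\x00",   # intact OOXML
               "minutes.doc": OLE_MAGIC, "payroll.docx": OLE_MAGIC,
               "roads.pptx": bytes(range(7, 39)),        # stands in for ciphertext
               "notes.txt": b"not an Office file"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return triage(root)

if __name__ == "__main__":
    print(demo())
```

A "suspect" verdict only means the header does not match the extension; it does not identify the malware, and a file encrypted only partway through would still read as intact.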

You will need to do a forensic analysis to see exactly how it came in and to identify any leftover instances. Discovery Computers and Forensics can do this for you. If you are ever in doubt about an email, JUST DON’T CLICK!