I know I have posted articles about ransomware many times, but these days, you can’t have enough information on the damage ransomware can cause. So what is ransomware? Long story short, it is a malicious software used in a cyberattack to encrypt your data with an encryption key that is known only to the attacker. In order to get your data and all your files unencrypted, you will need to make a ransom payment in “cryptocurrency” also known as Bitcoins.
If you are the victim of one of these attacks, the first thing to do is restore from backup. Your data will be completely unusable, so you will have no other choice. Problem here is that they are now finding ways to attack your backups, within a minute of gaining access to your systems.
What you can do
First thing is to implement the best practices you can. Have good, strong secure backups, educate your users on what to click on and what not to click on, and deploy as many “protection” tools you can. Aside from antivirus and antispyware, Tier3MD offers such tools as CryptoPrevent and OpenDns to help you secure your systems. You may want to look into these.
Before you even get an attack, the best thing to do is prepare for one. Think it through..what would you do if you were hit today? You want to make sure you have fast and effective policies and procedures in place. You may want to test them prior to the real thing!
Ransomware is getting better
Unfortunately, ransomware is constantly evolving. It is the fastest growing malware threat today. For example, CryptoWall — one of the most lucrative and far-reaching ransomware campaigns on the Internet
today — was initially unleashed in 2014 and infected billions of files worldwide. Since that time, three additional variants of CryptoWall have been developed, each more sophisticated than its predecessor. Since they are earning billions on ransomware, I don’t expect that number to go down anytime soon.
If you are hit with a ransomware attack, report it! The U.S. Federal Bureau of Investigation (FBI) is urging ransomware victims to report their infection details, which will in turn give the FBI a more comprehensive view of ransomware’s spread and impact. The FBI says it has been challenging “to ascertain the true number of ransomware victims as many infections go unreported.” The FBI is concerned that victims are not reporting infections for a number of reasons — one main reason being that victims don’t see the point in doing so, especially if they resolve the issue internally either by paying the ransom or cleaning the malware infection.
If you need help, or suspect you have been hit, contact the Tier3MD helpdesk for assistance.