The Next Level Blog

Ransomware: What You Need to Know

By April 6, 2016 Alerts, Security No Comments
Ransomware

You’ve likely heard about ransomware, but how serious of a threat is it? Are you really at risk? Unfortunately, its seriousness has grown in recent years. Ransomware can paralyze businesses if they aren’t prepared. And you are at risk if you don’t take the proper precautions.

As a full-service IT provider, The Brookfield Group is all too familiar with ransomware. We take great precautions to protect our company—and yours—from such threats.

Keep reading to learn what you need to know about ransomware.

What it is
Ransomware is a cyber attack where malicious software is deployed to disable the functionality of your computer. This software virus infects your computer and completely locks it up so you can’t use it—until you pay a ransom.

Ransomware predominantly arrives either via a “stealth” download or through a user clicking on an infected advertisement. Some distribution via email has also been seen. Recent attacks have also displayed images that impersonate law enforcement. The ransomware may lock the system and display ransom messages, or it may systematically encrypt files on the system’s hard drive that only can by decrypted by an encryption key. And these days, ransomware doesn’t just affect desktop machines or laptops; it also targets mobile phones.

Perhaps, most alarming of all, attacks are increasing in frequency:

  • Crowti (also known as Cryptowall) and FakeBsod are currently the two most prevalent ransomware families—they were detected on more than 850,000 PCs running Microsoft security software between June and November 2015.
  • Ransomware attacks rose 26 percent in the last quarter of 2015 from the previous quarter, according to a report from McAfee Labs and Intel.
  • Symantec has estimated, conservatively, that at least $5 million is extorted from ransomware victims each year.
  • The FBI estimated last year that extortionists had swindled some $27 million from users who did pay.

The Effects on Businesses
Ransomware can severely impact companies, with small firms particularly vulnerable. Attacks on businesses usually originate overseas and are more sophisticated than attacks on the common Internet user. While businesses try to fight ransomware attacks, they lose productivity due to downtime, data not backed up and interruptions in business continuity as IT gets users back up and running.

Protecting Your Company Against Ransomware
A reliable, multi-layered security solution is the only thing that will stop ransomware. Additionally, to avoid getting infected:

  • Make sure all the software on your system is updated. This includes the operating system, the browser and all of the plug-ins that a modern browser typically uses.
  • Ensure anti-virus definitions are up-to-date. With the thousands of new malware variants running every day, having a set of old virus definitions is almost as bad has having no protection.
  • Avoid suspicious sites and don’t click on links or opening attachments or emails from people you don’t know or companies you don’t do business with.
  • Make sure you are leveraging the full set of protection features delivered in your security product.
  • Have a pop-up blocker running in your web browser.
  • Regularly backup your important files with a cloud storage service that keeps a history or archive of your files.

What to do if you are affected
If your computer is infected, do NOT pay the ransom. Even if a person does pay the ransom, the cybercriminals often do not restore functionality. The only reliable way to restore functionality is to remove the malware. After you’ve removed the ransomware infection from your computer, you can restore previous, unencrypted versions of your Office files using “version history.”

Ransomware is a serious form of extortion so contact your local FBI. Most offices have units devoted to cyber attacks.