You’ve probably heard of ransomware. Your business may have even been affected by it. Even government services have been hit. Basically, it infects your computer and asks (or demands) that you pay to have it removed. Ransomware goes all the way back to 1989, when a virus called “AIDs Ransom” was written by an allegedly mentally ill professor. It encrypted a victim’s file names and asked for payment before the virus would be removed. This ransomware was distributed via floppy disk sent by mail. Since then, Ransomware has come a long way and the release of Cryptolocker in 2013 brought it back to the forefront.
Since its release in 2013, the FBI and Interpol have effectively shut down Cryptolocker That hasn’t stopped copycats: CTB-Locker, Krotten, CryptoWall, TeslaCrypt/AlphaCrypt, and many, many others. Each of these viruses will encrypt the files on a computer as well as any network drives then demand anywhere from $75 to $800 (or more) in ransom. Some businesses and individuals were forced to pay these ransoms since they had no other way to recover their data. It seems like a new variant is released every week and they have different methods of bypassing our defenses
These viruses get onto a computer network most often via email attachment. They disguise themselves as .ZIP files or even as .SCR files (screen savers). When an unsuspecting user opens one of these attachments, the encryption process begins. Once the encryption process is complete, the victim will see a popup like the one to the right.
To prevent ransomware from infecting any computer network, there needs to be a multi-layered approach to security. Since these infections usually originate from email attachments, the email service needs to have robust antivirus protection as well as the ability to block certain attachments. The computers on the network also must have an enterprise-class antivirus solution.
There must also be a robust backup and disaster recovery solution in case an infection slips through. The latest reports from anti-virus firms and other tracking companies are showing that the ransomers are often asking for more money after receiving the initial ransom payment, or are outright refusing to decrypt the files after the ransom is received, so having a backup is essential.
Contact Us for a free security consultation and to find out how Sullivan Wright Technologies can help secure your network and develop a backup and disaster recovery plan.