This Thanksgiving, put your mind at ease by making sure your San Diego IT support team understands the growing concern about ransomware and how to block it. That’s a new word in the business lexicon, defined as malware that hijacks computer access until a payment is made. Most of the time it’s aimed at individuals, but there’s still a chance it can affect businesses.

2016 State of Ransomware

Ransomware has been dramatically on the rise in recent years. In 2016, for example, it increased by 300%, according to the U.S. government. That equates to about 4,000 attacks a day in 2016, compared with 1,000 in 2015. Even worse, it continues to grow more elaborate in design and in its capability to scoop up online cash illegitimately. Damages piled up to $24 million in 2015.

One type of ransomware jams your screen with a large image or web page. The other type encrypts files, preventing them from opening. While some ransomware enters a computer system when you download ads or files from a peer-to-peer site, the most common method is an email disguised as familiar and safe. Once you click the attachment, your system downloads a zip file that contains an .exe file, which adds a key to the Windows registry.
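
As an added illustration (not part of the original article), a mail gateway or help-desk script can check a zip attachment for the executable members described above before anyone opens it. The extension list, the depth and size limits, and the sample archive are assumptions made for this example.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed blocklist for this example: extensions Windows runs on double-click.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}
MAX_DEPTH = 3                  # how many levels of nested zips to open
MAX_NESTED_SIZE = 50 * 2**20   # skip nested zips larger than 50 MiB unpacked


def find_executables(data, depth=0, prefix=""):
    """Return the paths of executable members in a zip, following nested zips."""
    hits = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits  # not a zip archive, nothing to report
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            path = prefix + info.filename
            # Only the last extension decides how the file is opened.
            ext = PurePosixPath(info.filename.lower()).suffix
            if ext in EXECUTABLE_EXTS:
                hits.append(path)
            elif (ext == ".zip" and depth < MAX_DEPTH
                  and info.file_size <= MAX_NESTED_SIZE
                  and not info.flag_bits & 0x1):  # bit 0 = encrypted member
                hits += find_executables(archive.read(info), depth + 1, path + "!")
    return hits


def build_sample():
    """Constructed sample: a zip with a text file and a nested zip holding a fake .exe."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("Invoice_2016.pdf.exe", b"MZ placeholder, not a real program")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("readme.txt", b"see attached")
        z.writestr("docs/invoice.zip", inner.getvalue())
    return outer.getvalue()


if __name__ == "__main__":
    print(find_executables(build_sample()))
```

Password-protected and oversized nested archives are skipped rather than opened, so a real deployment would route those to quarantine for manual review.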

Another form of ransomware in the “covert communication” category allows downloaded malware to connect with a command and control server. As it shifts between servers, it is difficult to detect. The original ransomware program, called CryptoLocker, generates both a public and a private key. Once in the system, the malware rapidly sneaks into the background without the user noticing until it asks for a ransom payment.

How To Remove Ransomware

•    Discontinue network connection and data backup.
•    Check other machines on the network for infections.
•    Remove malware with anti-virus software and clean your computer.
•    Do a test run in Safe Mode and search for other infected files.
•    Locate your most recent clean backup and restore to a fresh backup set.

Educate Your Clients

Your best approach in dealing with clients is to keep them updated on consumer threats and alert your San Diego IT support personnel. Remind both customers and your IT provider that cybersecurity is a top priority. If they are attacked, make sure you are quick to enforce your recovery plan. It’s important to keep making new backups constantly; otherwise you may lose data or be forced to pay the ransom.

Disconnecting from the network as soon as possible once you learn of an infection is a wise strategy. This will stop the malware from overwriting clean backups with infected files. Once you remove the malware, you will be unable to recover files unless you pay the ransom.

Prevention Tips

•    Update (OS, anti-virus, anti-malware) software regularly.
•    Turn off macro automation in pre-2016 Windows Office documents.
•    Consider a next-generation firewall.
•    Test your restored backups as often as possible.


Making sure multiple versions of your files are stored in various locations is an excellent way to fight ransomware. Otherwise you may have to pay cyber criminals just to get back the files. That money might be better spent on a company Thanksgiving dinner for employee appreciation. To improve your San Diego IT support, contact Spacelink. We can help you fight cybercrime so that you can relax for the holidays.