Ransomware is malicious software designed to block access to a computer and everything that is on it until a sum of money is paid. Attacks are becoming more frequent with several versions: Cryptolocker, Cryptowall, TeslaCrypt and more recently Petya, Jigsaw and Lockey. Two technology trends are fueling growth in ransomware attacks: the increasing power of computers which can encrypt their own files in a matter of hours, and the rise of anonymous payment systems like Bitcoin.
Ransomware attacks target individuals and a variety of organizations including hospitals, schools, police departments, government agencies and businesses. In early February, Hollywood Presbyterian Medical Center, a 434 bed facility, was attacked and shutdown for 10 days. The hospital with lives at stake was forced to pay the ransom of 40 bitcoins, about $17,000.
In systems infected by cryptolocker, users are only able to see the following screen which tells them how much they owe, how to pay, and how much time is left before the system is reformatted. If infected, the choices are pay the ransom, or spend hours or days recovering data from backups.
Fortunately, there are things end users can do to prevent attacks, contain damage if attacked and recover quickly:
- Keep antivirus software up to date. Many AV companies have developed fixes for some types of ransomware.
- Update OS, applications, and security software.
- Configure browser settings to be as secure as possible.
- People are often the weakest link. Train employees regularly on best practices: Be cautions when surfing the web avoiding risky sites, and do not open any unknown attachments, especially any with an .exe or .zip extension.
- Once an attack is discovered, isolate the infected machine by removing it from the network ASAP.
- Determine the scope of the problem: how many machines, what virus, how much data?
- Identify the source so that the attack path can be prevented in the future.
- The key to recovery is to have regular backups of EVERYTHING.
Ransomware attacks are becoming more frequent. Individuals and organizations need to take steps to prevent attacks as well as be prepared in case an attack occurs. Ventura Tech helps clients minimize attack risks by installing and auto-updating antivirus software on all machines, automating OS and application updates, and providing employee training tools. In addition, Ventura Tech helps clients prepare for a potential attack by insuring proper backup systems are in place for quick recovery.
Protect your company and minimize downtime. Contact Ventura Tech today for more information.