This article includes an overview of the problem and advice on preparing your business for ransomware outbreaks.
WHAT IS RANSOMWARE?
Ransomware is a type of malware that blocks access to a computer system until a sum of money is paid. Many businesses are currently being targeted by "crypto-ransomware", which actually encrypts the files on a PC. The attackers will only provide a decryption key if the victim pays them.
HOW SERIOUS IS THE THREAT?
The potential loss, however, is more than the cost of the ransom payment. The real damage comes from user downtime: when ransomware hits you, your files may be locked and inaccessible for days, unless there are business continuity plans in place (more on that below).
Even if the ransom is paid, you're strongly advised to wipe infected computers. This suggests that the infected business will likely suffer downtime no matter how you respond to the criminals' demands.
HOW DO PCs GET INFECTED?
Ransomware infections happen primarily through phishing emails. A user receives a seemingly innocent email and opens the attachment or clicks a link to download malware.
For DE Web Works' email customers, inbound email is scanned and filtered for all known malware, including all known ransomware variants, based on industry leading virus signature databases.
Unfortunately, there are entire criminal industries dedicated to developing new variants that are unknown to filters. This is why it's critically important to take the prevention steps listed below.
HOW TO PROTECT YOUR BUSINESS
- Make sure you have solid file backups. If you don't have file backup in place, CALL US IMMEDIATELY!
- Educate your employees and coworkers about phishing.
- Educate employees and coworkers about ransomware.
- Build a containment plan. Ransomware has been known to propagate from one user to another.
- Deploy a business continuity solution. If you need help with this, or would like for us to review your plan, please don't hesitate to contact us.