Ransomware, your business data held hostage.
You may have read the headlines, it maybe something you hear about in business meetings, Ransomware is very real and causing major problems for businesses. The question isn’t how you are protected from getting ransomware taking over your machine, but how your Disaster Recovery Plan for your business is built. A lot of people see the headline “Disaster Recovery Plan” and automatically envision them showing up to work one day and seeing a smoldering pile of rubble where their building once stood. While that is a disaster that isn’t the disaster we are talking about today, were talking about the one you don’t see, the one that sneaks up on you while you’re browsing the latest hot gossip in Hollywood.
How Ransomware works
CTB Locker and Cryptolocker are just some of the Ransomware out there right now and they work in a very specific way. Cryptolocker traverses under the guise of a Trojan, once it hit’s to your system it registers itself as a startup service and checks in with a server. Once it has successfully checked in, it assigns itself a bitcoin account and begins encrypting over 70 different file extensions from your system. From your documents, to your CAD drawings, the software works on encrypting everything with their own private key. The problem is, you need that key to decrypt and get your files back. And if you haven’t already closed this page, the only way to get that key to decrypt your files is to pay them. The amount varies depending on the amount of data they encrypted and are holding hostage. You are left with a wallpaper or a text file letting you know that your files are encrypted and you have XX:XX:XX amount of time before your private key is deleted and you are left with no way to decrypt and save your files from destruction.
Common Misconceptions on Ransomware and Backups
A lot of conversation when it involves Ransomware is that the customers are using Dropbox, Backblaze, Mozy or any other number of cloud backup and sync products. What most fail to realize is that if your data being backed up is the encrypted data that was already encrypted by Ransomware. The only thing you’ve backed up is encrypted files you can’t decrypt! Now the question comes, how long is the retention on those backups? Most customers don’t know and fail to realize that their 2 weeks of backups are now encrypted and worthless. The only data they can harvest is from almost 3 weeks ago. YIKES! Could your business afford to lose 3 weeks worth of data?
What you can do to protect against Ransomware
Here is a checklist of things you should do to protect yourself against good Ransomware:
- Ensure you have good antivirus/anti-spyware installed. Don’t have one? Contact us.
- If you do, how long has it been since it has been updated?
- Ensure you don’t open attachments from individuals you don’t know or weren’t expecting an attachment from.
- Ensure your business has a solid Disaster Recovery Plan, don’t have one? Contact us.
What should I do if we are already infected with Ransomware?
If you find yourself already staring down the barrel of Ransomware and you aren’t sure if you should spend the money to get your decrypt key or you are looking for insight on what to do, Contact Us! Often times we can tell you what the best course of action is. Keep in mind a lot of times you can pay the fee and still not recover your files, remember the people behind these Ransomware are not in it for helping you recover, once they have their money there is no way of guaranteeing they will send you the private key.
Want more information on building a Disaster Recovery Plan for your business? Call us today!