RANSOMWARE: How to Spot, Avoid and Deal with an Attack
Posted on 03 June 2016
“Ransomware” is a buzzword representing many new forms of digital theft, fraud and extortion. Since it has become more widely reported and due to the personal nature of the attacks, ransomware has quickly become one of the most feared invasions of privacy for individuals and businesses alike. Read on for a summary of attacks, how to spot or avoid them and, should the worst happen, how to deal with the fallout of ransomware.
WHAT IS RANSOMWARE?
Originating from the terms ‘ransom’ and ‘software,’ ransomware is essentially a string of code implanted in a downloaded file that aims to steal something valuable and make you pay for it. Once activated, the attack isolates files on your computer or server and makes it impossible to access them. Often users have no idea they are being attacked until they try to open an isolated file. Soon after, the originator of the attack will send an anonymous, untraceable message demanding payment in exchange for the safe return of the file. Ransomware typically targets sensitive locations or personal files and the perpetrator will often raise the ransom amount in relation to how important the data appears to be. Refusal to pay or threats of involving authorities are also often met with an increased ransom.
SPOTTING & AVOIDING RANSOMWARE
As with most malicious computer programs, ransomware is often disguised as something very mundane: Microsoft Office documents, email attachments from sources that appear official (e.g., FedEx or Amazon) or even a message from an old acquaintance. Closely inspect any file before downloading it; there are many red flags that can reveal a seemingly authentic message to be false. Once a file is open, beware of any requests to enable unusual settings, activate macros or install unnecessary files. Consult the prevention tips below:
- Back up essential files and keep them on a separate hard drive;
- Customize anti-spam settings to filter out suspicious attachments;
- Activate “Show File Extensions” settings;
- Always patch and update your OS, antivirus, browser, Java plugin, Adobe programs and other software that attackers commonly use as an entry point;
- Disable file sharing, remote desktop and unused wireless connections.
*NOTE: Microsoft Office documents containing built-in macros (embedded computer code) are some of the most common springboards for ransomware attacks. Almost everyone deals with these types of files, making them the perfect decoy for the average user. Never activate macros in a suspicious download.
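The attachment-filtering, "Show File Extensions" and macro tips above can be combined into one screening check. The following is an added example, not code from the original article or from Catalyst IT; the function names and the extension lists are assumptions for illustration, and the sample files are constructed in memory.

```python
import io
import zipfile
from pathlib import PurePath

# Assumed policy lists for this sketch; tune them to your own mail filter.
EXECUTABLE_EXTS = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".com", ".pif", ".jar"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container


def triage_attachment(filename: str, data: bytes) -> list[str]:
    """Return the reasons an attachment should be held for review."""
    reasons = []
    suffixes = [s.lower() for s in PurePath(filename.strip()).suffixes]

    # "invoice.pdf.exe" displays as "invoice.pdf" when extensions are hidden.
    if suffixes and suffixes[-1] in EXECUTABLE_EXTS:
        reasons.append("executable extension " + suffixes[-1])
        if len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS:
            reasons.append("double extension hides real type")

    # Modern Office files are ZIP archives; VBA macros live in vbaProject.bin.
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            names = [n.lower() for n in archive.namelist()]
        if any(n.endswith("vbaproject.bin") for n in names):
            reasons.append("Office document contains VBA macros")
    elif data.startswith(OLE2_MAGIC):
        # Legacy binary format: macros cannot be ruled out without a full parser.
        reasons.append("legacy Office format, macros possible")
    return reasons


def _constructed_docx(with_macro: bool) -> bytes:
    """Build a minimal OOXML-shaped ZIP in memory (constructed sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"\x00")
    return buf.getvalue()


if __name__ == "__main__":
    for name, blob in [("report.docx", _constructed_docx(False)),
                       ("invoice.docx", _constructed_docx(True)),
                       ("label.pdf.exe", b"MZ constructed")]:
        print(name, "->", triage_attachment(name, blob) or "no flags")
```

An empty result means none of these checks fired, not that the file is safe; other delivery methods are outside what this sketch inspects.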
DEALING WITH RANSOMWARE
So, you slipped up and your computer, backup drive or server was infected with ransomware. Whether you caught it right away or received the ominous ransom request, you may find yourself in an extremely uncomfortable situation. Do not pay the ransom! Paying a hacker only gives them more power. They may refuse to release the files, plan another attack and even ask for more money. Disconnect the infected hardware and contact Catalyst IT immediately! Our skilled team is dedicated to removing all traces of ransomware and you can count on our no data loss guarantee.