From hospitals to small businesses, ransomware is a topic that has been in the news quite often in recent weeks. So what is it? Quite simply, it is a malicious program, application, or piece of code that takes over your system and demands that you pay a “ransom” to let you back in. Ransomware comes in a number of different variations, but at the end of the day, it pretty much infects your machine, encrypts your files (so you have to pay to get them back), and then tries to spread to as many other shared locations as possible.
How do you get it? There are a number of ways to get infected, most commonly through email attachments (some of these are as simple as PDF or Word files). Quite often, clicking on links to infected websites also carries a risk of getting the malware. If you see an email that is not intended for you, has questionable content, or just plain looks suspicious, the best bet is to delete it immediately. Ransomware can now also attack Macs, phones, and even Linux machines. There are variations that will spread through the network and infect as many other files as they can find.
How do I know I am infected and what do I do? If for any reason you start seeing strange popups, or a screen appears telling you that anything has been infected or encrypted, immediately turn off your machine (yes, pull the plug). The biggest problem with this type of ransomware is that it immediately begins to encrypt files; the faster the machine is turned off and taken off the network, the greater the chance that it will not encrypt anything vital. Ransomware will always present itself very clearly: there will be a message that your files are locked or encrypted, and likely a message that you have been doing something inappropriate. Oftentimes, attackers will use logos from the FBI, NSA, and local law enforcement agencies in these messages. Upon seeing such a screen, immediately shut off your machine, even if pulling the power cord is the only way. With laptops, press and hold the power button until the machine shuts off completely. Make sure you disconnect it from any network sources, especially if it is connected with a cable. Contact your IT provider immediately so they can advise you on the next steps that pertain to your particular environment.
How do you protect yourself? No matter how many security safeguards are in place, no system is perfect. The name of the game is to always stay one step ahead of the bad guys, and their goal is to find a way around the good guys’ defenses. End users must be taught to be very careful when clicking on any links in emails, going to any websites that may be suspicious (even legitimate sites can get hacked), and downloading things from email or links contained in email. Also be mindful of any USB drives that you do not 100% know the origin of. The same goes for CDs, SD cards, portable drives, etc. Many of you may also charge your phones through your PCs. Keep in mind that any infection that may be on your phone now has a way to spread to the computer when you sync or charge it.
The single greatest way to protect yourself from infection is having the knowledge to avoid potentially dangerous situations. But even the most informed will sometimes get attacked. In such cases, having backups of your data is paramount. Look for our other blogs regarding proper backup strategies and more security pointers!