Ransom ware is dreadful stuff.  Ransom wear is a virus (basically) that encrypts the contents of your computer. The hackers then request money to unlock it.

When I say ‘the contents of your computer’, it is highly possible that it will operate across your computers harddrive, any attached drives (USBs, portable drives etc) and networked drives.

Once the contents are locked, it is almost impossible to retrieve. Our, retrieve easily. Backups can save you, but if your backup plan overrides existing backups, you’ll just be backing up the locked system.  As I said, dreadful stuff.

This infographic and associated pdf from How To Stay Safe From Ransom Wear is a great depiction on what can happen.  Please note, we haven’t tried or tested the Sophos products but we like sharing good information.

Crypto Ransom ware Locks
Image Courtesy of Sophos

 

Some hints to limit to protect yourself from these types of attacks:

[unordered_list style=”tick”]

  • Have good virus scanning software, ensure it is updated each day and USE IT.
  • Don’t open email attachments from unknown sources
  • Check attachments from known sources, make sure that the sender is actually the sender
  • Scan your email as it comes in. Most virus scanning software has incoming mail scanning capabilities – USE IT. We use Google Apps for our email, and couldn’t be happier with the protection this gives us.
  • Scan your internet browsing. It’s possible to download a virus simply by browsing a website. Make sure your virus scanning software covers that activity as well.
  • Have a backup in place, preferably a multi level one that allows you to have backups over a period of time. If your system does get compromised being able to revert to an older backup may mean you loose some data but not all of it.
  • Store your backups offsite. Having them on a device attached to your computer is great, but if your system is compromised, it’s possible that the backups will end up locked as well.

[/unordered_list]

 

About the Author acltechteam

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}
>