Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to access their systems or get their data back.
Fees range from $20 to more than $1000 to recover access to your data. The most prominent ransomware is called Cryptolocker. This programs encrypts your files (Word, Excel, PDF) on your local computer and also all the network drives you are attached to. The program then politely tells you how to pay the ransom to get your files back. Most if not all of the people who have paid the ransom do get their files back. This has become a big money maker for the people behind the scenes creating the ransomware. Some estimates are around $30 million to date.
Since this ransomware has become so successful, copycats have introduced their own version of Cryptolocker to start cashing in on the stream of money. And people are paying.
We have had some of our Managed IT Service clients struck by Crpytolocker, but none of them have had to pay the ransom. The biggest single reason for avoiding the ransom payment is backups. In every case, we were able to successfully restore the files from backup and remove the encrypted files from the system. Backups are critical in recovering quickly from these events. At the same time, it also takes time to recover from such an event. This introduces interruptions in the client’s operations.
What I would really like to touch on is how to prevent getting the ransomware in the first place. Most of the attacks came through email. A person received an email with an attachment that looked “somewhat” legitimate (Fake UPS delivery, fake fax, fake invoice). They opened the attachment only to become infected by the ransomware. The ransomware then began encrypting files in the background only to show itself once it was done.
The single biggest way to prevent the infection is to not open email attachments unless you are specifically expecting it. Even if it is from someone you know, double check with them before opening it.
The other way the infection enters through your computer is malicious or compromised websites. This is harder to detect, but the same logic should apply. If the website is questionable in reputation and content, then it is probably best to avoid it.
Anti-virus software is having a tough time detecting the infection, because it is being updated to bypass detection.
The landscape and the ways the ransomware is being implemented is constantly changing. IT360 is staying on top of the trends and looking out for our clients

Principal Owner, Law Firm

Our law firm uses IT360, Inc. for all of our technology needs. They not only provide outstanding service at a reasonable fee, but we consider them an integral part of our practice.

Principal Owner, Law Firm

Technology News

IT360 News
Why You Should Outsource IT Support in a Recession

Bear markets are often a sign of an impending recession period. You cannot completely foolproof your business from the eventualities of an economic downturn, but you can at least prepare for what’s coming. In fact, there’s no better place to start than outsourcing your IT support. Here’s how outsourcing IT in a recession can benefit […]

Read more
IT 360 News
Impersonation Phishing Attacks Increase as Credentials Take the Lead as the Primary Target

New data shows an upswell of email-based cyberattacks, with over 256 brands being impersonated, as social media, Microsoft, shipping, and ecommerce brands top the list. There’s been a lot of changes in the volume of email-based cyberattacks, according to security analysts at Abnormal Security. According to their H2 2022 Email Threat Report, the number of […]

Read more