Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to access their systems or get their data back.
Fees range from $20 to more than $1000 to recover access to your data. The most prominent ransomware is called Cryptolocker. This program encrypts your files (Word, Excel, PDF) on your local computer and also on all the network drives you are attached to. The program then politely tells you how to pay the ransom to get your files back. Most if not all of the people who have paid the ransom do get their files back. This has become a big money maker for the people behind the scenes creating the ransomware. Some estimates are around $30 million to date.
Since this ransomware has become so successful, copycats have introduced their own version of Cryptolocker to start cashing in on the stream of money. And people are paying.
We have had some of our Managed IT Service clients struck by Cryptolocker, but none of them have had to pay the ransom. The biggest single reason for avoiding the ransom payment is backups. In every case, we were able to successfully restore the files from backup and remove the encrypted files from the system. Backups are critical in recovering quickly from these events. At the same time, it also takes time to recover from such an event. This introduces interruptions in the client’s operations.
What I would really like to touch on is how to prevent getting the ransomware in the first place. Most of the attacks came through email. A person received an email with an attachment that looked “somewhat” legitimate (Fake UPS delivery, fake fax, fake invoice). They opened the attachment only to become infected by the ransomware. The ransomware then began encrypting files in the background only to show itself once it was done.
The single biggest way to prevent the infection is to not open email attachments unless you are specifically expecting them. Even if an attachment is from someone you know, double check with them before opening it.
The other way the infection enters your computer is through malicious or compromised websites. This is harder to detect, but the same logic should apply. If the website is questionable in reputation and content, then it is probably best to avoid it.
Anti-virus software is having a tough time detecting the infection, because the ransomware is being updated to bypass detection.
The landscape and the ways the ransomware is being implemented are constantly changing. IT360 is staying on top of the trends and looking out for our clients.
