Business
Focused
Technology

IT360
IT360

Quick Links

gear service ticket iconStart a service ticket

Ransomware

Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to access their systems or get their data back.
Fees range from $20 to more than $1000 to recover access to your data. The most prominent ransomware is called Cryptolocker. This programs encrypts your files (Word, Excel, PDF) on your local computer and also all the network drives you are attached to. The program then politely tells you how to pay the ransom to get your files back. Most if not all of the people who have paid the ransom do get their files back. This has become a big money maker for the people behind the scenes creating the ransomware. Some estimates are around $30 million to date.
Since this ransomware has become so successful, copycats have introduced their own version of Cryptolocker to start cashing in on the stream of money. And people are paying.
We have had some of our Managed IT Service clients struck by Crpytolocker, but none of them have had to pay the ransom. The biggest single reason for avoiding the ransom payment is backups. In every case, we were able to successfully restore the files from backup and remove the encrypted files from the system. Backups are critical in recovering quickly from these events. At the same time, it also takes time to recover from such an event. This introduces interruptions in the client’s operations.
What I would really like to touch on is how to prevent getting the ransomware in the first place. Most of the attacks came through email. A person received an email with an attachment that looked “somewhat” legitimate (Fake UPS delivery, fake fax, fake invoice). They opened the attachment only to become infected by the ransomware. The ransomware then began encrypting files in the background only to show itself once it was done.
The single biggest way to prevent the infection is to not open email attachments unless you are specifically expecting it. Even if it is from someone you know, double check with them before opening it.
The other way the infection enters through your computer is malicious or compromised websites. This is harder to detect, but the same logic should apply. If the website is questionable in reputation and content, then it is probably best to avoid it.
Anti-virus software is having a tough time detecting the infection, because it is being updated to bypass detection.
The landscape and the ways the ransomware is being implemented is constantly changing. IT360 is staying on top of the trends and looking out for our clients

President, Transportation Company

Your technical support team has always been able to handle our needs quickly, efficiently, and patiently. We appreciate your timeliness and the hours you have saved us. It is great to know that we have people at IT360 capable to provide solutions to our problems.

President, Transportation Company

Recent
Technology News

IT 360 News
Threats and Infrastructure

From Arctic Wolf SUMMARY On February 7, 2024, CISA issued an advisory detailing their discoveries concerning state-sponsored cyber actors linked to the People’s Republic of China (PRC). Notably, the PRC-affiliated threat actor, Volt Typhoon, is actively engaged in efforts to infiltrate IT networks, with the potential aim of launching cyberattacks on vital U.S. infrastructure in […]

Read more
IT 360 News
Multi-Factor Authentication

By Cybersecurity & Infrastructure Security Agency OVERVIEW Multi-factor authentication (MFA) is a layered approach to securing physical and logical access where a system requires a user to present a combination of two or more different authenticators to verify a user’s identity for login. MFA increases security because even if one authenticator becomes compromised, unauthorized users […]

Read more