Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to access their systems or get their data back.
Fees range from $20 to more than $1000 to recover access to your data. The most prominent ransomware is called Cryptolocker. This program encrypts your files (Word, Excel, PDF) on your local computer and also on all the network drives you are attached to. The program then politely tells you how to pay the ransom to get your files back. Most if not all of the people who have paid the ransom do get their files back. This has become a big money maker for the people behind the scenes creating the ransomware. Some estimates are around $30 million to date.
Since this ransomware has become so successful, copycats have introduced their own version of Cryptolocker to start cashing in on the stream of money. And people are paying.
We have had some of our Managed IT Service clients struck by Cryptolocker, but none of them have had to pay the ransom. The biggest single reason for avoiding the ransom payment is backups. In every case, we were able to successfully restore the files from backup and remove the encrypted files from the system. Backups are critical in recovering quickly from these events. At the same time, it also takes time to recover from such an event. This introduces interruptions in the client’s operations.
What I would really like to touch on is how to prevent getting the ransomware in the first place. Most of the attacks came through email. A person received an email with an attachment that looked “somewhat” legitimate (Fake UPS delivery, fake fax, fake invoice). They opened the attachment only to become infected by the ransomware. The ransomware then began encrypting files in the background only to show itself once it was done.
The single biggest way to prevent the infection is to not open an email attachment unless you are specifically expecting it. Even if it is from someone you know, double check with them before opening it.
The other way the infection enters your computer is through malicious or compromised websites. This is harder to detect, but the same logic should apply. If the website is questionable in reputation and content, then it is probably best to avoid it.
Anti-virus software is having a tough time detecting the infection, because the ransomware is being updated to bypass detection.
The landscape and the ways the ransomware is being implemented are constantly changing. IT360 is staying on top of the trends and looking out for our clients.
