Since the new year a spate of businesses has reported unprecedented levels of attempted ransomware intrusions. In 2016 nearly 3,000 businesses fell victim to ransomware and some estimates suggest one in every 30 businesses will be targeted each year. Sadly, at GaP we are seeing a growing number of business falling victim to these scams which could be easily avoided through simple security protocols.
What it is
Commonly known as a crypto locker virus, it is a ransomware file which accesses a computer or network through and .EXE file disguised as an authentic .PDF file, usually a bill or letter from trusted brands such as Telco’s, utilities providers or Australian Post. Once opened the virus will encrypt and lock every file it can access then display a message demanding payment to unencrypt the files. Top IT experts agree that in most cases it is impossible or unfeasible to ignore the malware and attempt to unencrypt the files manually. Unsurprisingly many victims state that even after paying the ransom their files remain encrypted
How to avoid being infected
Whilst the software which encrypts your files is incredibly advanced the method in which it infects is almost rudimentary. Without someone opening the malicious file the ransomware cannot gain access to a computer or network. To avoid falling victim to a crypto lock scam businesses should follow these steps;
- Regularly back up data to an external location such as a backup service or external drive. Importantly the drive must not be assigned a drive letter or be connected when not performing backups.
- Ensure all operating software is updated as required and your anti-malware software is current.
- Educate all employees with access to email accounts on the dangers of ransomware, how they work and how they are disguised.
- Ensure employees who handle accounts are aware of accounts which will send invoices and correspondence vis email
- Avoid suspicious downloads, especially torrent downloads, even from apparently “safe” locations.
- Re-enable the ability for your mail account to show hidden file extensions. Microsoft’s default behavior is to hide known file extension. Meaning suspect looking files can be masked. Furthermore, you can set your email to filter and block specific files, such as (.EXE) executables