How to Recognize if Your Business is a Victim of Ransomware
It is amazing all the information we store on our computers, personally and professionally. Budgets, customer contacts, and information, resumes, and pictures.
Often, it is not until we cannot access that information that we realize we need it and we panic.
There are people now who will remotely attack your computer and exploit you. Imagine starting up your computer but not being able to access your files, a screen appears that states, unless you pay, you will never get those files back. Say hello to ransomware.
Ransomware is a type of code that, once downloaded, blocks users from accessing their own data. The data is encrypted with only the hacker having the key to unlocking it. Your data is now held purely for monetary gains. It is about disrupting business and making easy money.
There are many different variations of ransomware, but the premise is the same, pay or lose your data forever. Some ransomware will claim you have done something illegal with your computer and that you are being fined by the police or a government agency. Other ransomware will suggest you purchase their antivirus software. An effective scare tactic to make you pay money.
However, there is no guarantee that paying the fine, or doing what they tell you, will give you access to your computer or files.
What Ransomware Does
Ransomware prevents you from accessing Windows, it encrypts files so you cannot use them. In some cases stops certain apps (like a web browser) from running.
The Petya malware overwrites the entire hard drive and prevents the device from loading Windows or even restarting in Safe Mode. If a user tries to reboot their computer an ultimatum will appear to pay a ransom or have the files deleted.
How Ransomware Happens
The malware is accessed through phishing messages. By clicking on a link in an email, the malware downloads. Some human resource departments are receiving links to Dropbox for fake applications and once that individual opens the attachment, they install the ransomware.
Downloaded ransomware will reboot the computer and run what appears to be a windows check disk scan as a mask for the encryption process.
In other instances, they encourage you to click on an infected pop-up advertisement or you visit an infected website. However, instead of trying to trick you into buying fake software, the criminals hold your computer hostage and attempt to extort payment.
You can tell you have downloaded ransomware because a screen directs you to a payment link where you exchange money for the decryption key. The criminals often ask for a nominal payment. In the case of Hollywood Presbyterian Medical Center, they paid $17,000 to get their data.
In some instances, ads for pornographic websites appear each time you click on a web page, which can be very embarrassing if you are at work. The ad covers a portion of the page you are trying to view.
Another tactic attempts to force you to purchase a program to de-encrypt your data. Some ransomware will put pressure on the victim, stating that a piece of data will be destroyed every 30 minutes unless they receive payment.
So far ransomware has only targeted PC and Windows users. Apple users have not, but that is not because the operating system is more secure. It is because hackers have not written the code to install on Apple Operating Systems. When Window machines become less profitable for ransomware they may turn their attention to Apple systems.
Ransomware is a real threat to individuals and companies. Do not put yourself or business in the position to lose your data and have to pay; take the necessary steps to prevent it. You and your customers will be much happier.