The Ransomware is Coming… | PRG Technology Solutions | Real Technology. Real Solutions.

The Ransomware is Coming…

on October 12 | in Technology Solutions Blog | by | with No Comments


The Redcoats are coming. The Redcoats are coming. This warning call used by Paul Revere over 200 years ago was to warn Colonial rebels that British Troops were on their way. Today, we need a similar warning call for Ransomware, because Ransomware is well on its way and there’s not a whole lot you can do about it once you are victim to a Ransomware attack.

Whether you are intimately familiar with the impact of a Ransomware attack, or perhaps it is simply a buzz word that has been ringing in your ears lately, the reality of Ransomware remains the same. If you are not prepared for a Ransomware attack, there are really only two choices once a system has been attacked: 1) Pay the ransom to the responsible hackers and hope they send you the key to decrypt your locked files, or 2) Kiss all the files on the affected computer goodbye.

If you are not very familiar with recent Ransomware attacks, let me paint a clear picture for you.  Ransomware does not discriminate.  Over the past year, Ransomware has attacked 40 percent of businesses worldwide. Ransomware attacks have affected small companies, large companies, universities, hospitals, police stations, government facilities, and the list goes on and on. In most of these cases, the victims were not prepared for the attacks, so they had to either pay the ransoms or say goodbye to any data that was not safely backed up somewhere.  According to a Symantec report, the average ransom amount in 2015 was $680.  Cumulatively, these Ransomware attacks have cost organizations millions of dollars (not to mention the value of lost data) and the cost is growing exponentially every single day.  The threat of Ransomware is real for every single organization and it’s not really a question of whether you will get attacked, but when.

Let’s take a moment to bring everyone up to speed on exactly what Ransomware is and why it is wreaking so much havoc on organizations everywhere. The name gives away most of the meaning: Ransomware is malicious software (aka “malware”) that has been designed to infect a computer system and encrypt most (or all) files on that system, providing a message to the computer user that the encrypted files will be lost forever if a Bitcoin (an anonymous untraceable payment platform) ransom is not paid within a stated period of time (usually 24-72 hours). If the user pays the Bitcoin ransom within the stated period, the user is usually emailed a decryption key that will allow the user to decrypt the affected files on their computer. If the ransom is not paid within the stated period, the responsible hacker(s) sever communications and move on to their next victim(s).

So how does a computer get infected by Ransomware? Typically, it’s in the form of a malicious email link or attachment (or link on a web page) that a user clicks to open. Once the malware is opened, it has the freedom to run its malicious tasks on the computer. For a long time, it seemed that this was the only way for hackers to infect computer systems, but it now appears that the malware is finding its way to other computers via cloud storage and collaboration apps.  So, once a single user computer on a network is infected, it’s not difficult for the infection to spread to other computers on the same network.

Of course, what kind of blog article would this be if I didn’t offer some suggestions on how to combat Ransomware? The best way to avoid Ransomware attacks is to educate your users on what Ransomware is and the kinds of traps that may be laying in wait.  The most common delivery platform for a Ransomware attack is an unexpected invoice that needs to be paid.  Inform your users that they should NEVER click to open any attachment that they are not expecting, especially if it is from an unfamiliar sender.  Have them forward it to your IT personnel, where it can be opened on an isolated virtual machine that can be easily rebuilt if it becomes infected.

It’s not much of a stretch to assume that, no matter how much user education you employ, someone in your organization is going to eventually open one of these malicious links/attachments and infect their computer system.  Unfortunately, the time to do something about it is NOW, because waiting until you are infected by Ransomware is too late (unless you are okay with paying good money to hackers). I highly recommend finding a cloud-based sync/backup tool that backs up data in real time and includes robust revisioning, which will allow you to “roll” an infected system back to a date in time prior to the Ransomware infection. In some cases, an infected system can be rolled back to its previous state in as little as two hours. Make sure you research your options and find a cloud-based solution that can specifically help your systems to quickly recover from a Ransomware attack.

And, by all means, help sound the new war cry: The Ransomware is coming.  The Ransomware is coming.

Leave a Reply

Your email address will not be published. Required fields are marked *