Ransomware
What does ransomware do?
There are different types of ransomware. However, all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC. Ransomware can also permanently delete files – yes, gone!! One particular piece of ransomware deletes batches of files at timed intervals until the ransom is paid.
Prevention is the best protection, and this involves a combination of security solutions as well as a rethink on how users utilise the IT.
They can target any PC users, whether it’s a home computer, enterprise network, or servers used by a government agency or healthcare provider, ANYBODY!
Ransomware can:
•Prevent you from accessing Windows.
•Encrypt files so you can’t use them.
•Stop certain apps from running (like your web browser).
Ransomware will demand that you pay money (a “ransom”) to get access to your PC or files. We have also seen them make you complete surveys for personal information. There is no guarantee that is paying the fine or doing what the ransomware tells you will give access to your PC or files again.
What to do……..
•Disconnect the PC from your IT System Immediately!
•Restore from a backup
•Call us for help! 0844 372 9893How to prevent it?
There is no 100% guarantee that it will not affect you but follow these steps to ensure you are as protected as you can be.
•Ensure you keep all Windows Updates and Service Packs Installed regularly.
•Have Anti-Virus Software Installed and kept up to date •Change your passwords regularly •Make sure you have backups! And test they work regularly!
•Do not open any emails that look dodgy or are offering you something for free, or have a link to anything suspicious!
•Web filtering will help prevent users from browsing to known infected URLs; patching solutions should also be looked at for all applications and not just Windows Operating Systems.
•Turn off the email review as it gives users more time to think about the email rather than just seeing the link and clicking it.
Human interaction
By nature, we are inquisitive and want to help. If an email comes into our inbox that looks as though it could be important for another department, such as an invoice or a purchase order, we do what we feel is the right thing and pass it on. However, this adds to the confusion as the email now looks like it is coming from a legitimate source. The other social engineering exploits, particularly as we gear up to summer, is the use of phrases like check out my/your holiday photos and these look like an innocent jpeg.
The simple rule of thumb
If you are not expecting it (why would someone have holiday pics of you??), don’t open it.
If you do not know the sender, exercise caution
If it is not something that you would deal with – invoicing, logistics, ordering etc. – don’t open it and do NOT send it on. If people in those departments are expecting something, they will chase it
If it is out of character (your boss is suddenly asking you to make large transfers etc.) don’t open it.