Recently we've been hearing about several customers getting hit with ransomware software. This has prompted me to put together a quick blog post warning about this growing trend.
First off, here's a definition. Ransomware is software that infects a computer and then locks files making them unreadable. The software then asks for money to unlock the files - hense the name Ransomware. An encryption key is sent back which makes the files available again.
The big problem is most antivirus software programs do not "see" ransomware. They say they will soon, but have not yet delivered on that promise. The ransomware developers have gotten very smart in hiding their payloads in emails that look very genuine. The majority of ransomware infections come from emails. The only protection from ransomware is closer scrutiny of emails and websites. If you don't recognize it, don't open it. Period.
Things to do to keep safe are:
- Keep softare up to date - especially your operating system
- Backup all information to an offsite location
- Don't put all your data on one network - if you can, split it up on different servers
- Train yourself and your staff to not open attachments or links from unknown sources or locations
- Keep a list of all your software and licenses in case you are hit
Another good idea is to check Google periodically to see if any vendors have developed effective ransomware protection. There is a lot of development going on now and hopefully something concrete will be developed soon. In the meantime, practice safe email opening. It could save you lots of money and heartache.