How To (and How Not to) Handle Ransomware

From individuals all the way up to companies and governments, ransomware has been causing no small amount of stress for some years now. Let’s take a few moments to discuss this threat, what you can do about it, and how seriously the government is taking ransomware.

What Kinds of Ransomware Are Out There?

While there are many kinds of ransomware out there, they usually rely on similar tactics to work. Just consider some of the most common ransomware variants out there:

• Cerber - Cerber targets Microsoft 365 users through an elaborate phishing campaign.
• CryptoLocker - One of the most famous ransomware strains, it is a copy of the original that was shut down back in 2014.
• CryLocker - CryLocker uses a personalized ransom note using the encrypted files on a person’s computer or server, locking a person out of their computer entirely. 
• Locky - Spread through phishing, this ransomware instructs users to enable macros to read the message. Once that’s complete, the malware will start encrypting files, and demanding a ransom.
• Jigsaw - When triggered, Jigsaw will delete one or more files every hour for 72 hours. If the ransom hasn’t been paid when the 72-hour window is up, all the affected files are deleted.

What You Can Do to Avoid Ransomware

Of course, avoiding potential data encryption and deletion needs to be the priority for all businesses. That means that you and your users will have to work to avoid ransomware. Here are a few practices that can help:

1. Never click on unverified links
2. Do not open email attachments unless they are from a trusted source
3. Don’t download files from websites you don’t trust
4. Do your best to avoid giving out personal data
5. Don’t use USB or SD card drives that you didn’t purchase yourself
6. Keep your software patched and updated, including security software
7. Utilize antivirus, firewall, and other security software
8. Use a virtual private network on public Wi-Fi
9. Backup your data onsite and in the cloud
10. Use a mail server with spam protection and content filtering software

 Just in Case You Do Get Ransomware…

Unfortunately, it only takes on slip-up to let in a threat. While a total of $380 million has been spent trying to retrieve the data that ransomware has locked up, we cannot recommend this course of action—for several reasons:

• The attack might be fake
• You may not get all your data back
• The hackers could leave malware behind 
• You set a precedent that you will pay if attacked
• You are reinforcing the notion that hacking and scamming is
• profitable

 It is such a bad idea, that many areas in the United States are considering making it illegal to pay the demands. All paying does, after all, is encourage this kind of extortion while also painting your company as an easy target. The U.S. Treasury has gone on record to say that paying up in response to such extortion could put your business in legal trouble.

 Of course, you don’t have to resist ransomware and other threats alone. KB Technologies Managed IT can assist you in several ways, including implementing a backup and disaster recovery platform capable of restoring any data that an attacker encrypts. Learn more by reaching out to us at (954) 834-2800.