IT Blog

The latest ransomware viruses are getting even more sophisticated and malicious - here's what you need to know about ransomware.

Advice Security

How to avoid ransomware – a practical guide

There’s been a lot of news coverage recently about ransomware. It’s been around for a while, and the problem has become rampant.

The NZ Herald described it as a “virus pandemic”, and the newest ransomware viruses are getting even more sophisticated and malicious. Here’s what you need to know about ransomware – and how to avoid it…

Ransomware in a nutshell:

Ransomware is the generic term for a malicious virus that encrypts all your files so you can’t access them. In order to get access, you have to pay money (i.e. a ransom) within a set time limit. If you don’t pay up, the files are gone forever.

The NZ Herald reported that the average ransom is about $700, but the most serious NZ case to date involved an $11,000 ransom.

And if you do pay the ransom, there’s no guarantee that you’ll get access to your data. (Criminals rarely have morals!)

Currently, the most common ransomware virus is CryptoLocker, and new threats include CryptoWall and Locky.

How do you get the ransomware attack in the first place?

Usually, the ransomware virus is spread through an infected email, be it a malicious website link or attachment.

Other methods of transmitting ransomware are through popular programmes such as Adobe Acrobat Reader and Flash Player.

What about Mac users?

Mac users aren’t exempt from ransomware attacks. This month (April 2016) Adobe issued an emergency Flash player security update for Mac OS X to address ransomware attacks. And last month (March 2016) ransomware was detected in the ‘Transmission’ BitTorrent client for Mac.

And even if Macs aren’t affected directly by ransomware, they can pass on the virus to any networks they’re connected to. So, for example, if your graphic designer runs a Mac, it could pass on viruses to the rest of the network. It’s best to ensure that everyone in your business knows how to avoid ransomware.

What are the ramifications of ransomware?

If just one computer on your network gets infected by ransomware, you stand to lose all your data on your entire network.

That means your intellectual property, documents, accounting files, photos, customer databases and so on could all be lost permanently. As could the data on Android smartphones.

Would your business be able to survive the loss of all its data?

How to avoid ransomware

To avoid ransomware, you need to have two lines of defence: avoiding the attacks in the first place, but also being prepared if the worst does happen. Here are the proactive steps you need to take in your business:

1. Have quality anti-virus software

This should be installed on every single computer in your business, as well as on smartphones. And ensure the software is up-to-date: there are new viruses being developed every day, so anti-virus software that automatically updates itself is a no-brainer. Optimus Systems recommends their Total Desktop Security suite as being the best business-grade anti-virus and anti-malware solution. Not only is it very powerful, but it’s tiny and can run a full scan in seconds or minutes – and it doesn’t use any CPU or memory (unlike Norton or ESET). So now your computer can run faster as well as being more secure!

2. Keep your operating system and other software up-to-date

Having the latest Windows updates, Adobe Acrobat, Flash and web browser versions is a must. However, in reality most business owners and employees are too busy to install these – or they don’t know how to do it. The Managed Service from Optimus Systems takes care of this for you remotely, so there’s no interruption to your business and your systems are always up-to-date.

3. Never open suspicious-looking emails

Because ransomware is spread through malicious emails, you should be very wary when receiving emails from people you don’t know. But also remember that people you do know could have been hacked, so always be cautious when opening attachments. If in doubt – don’t open the email, don’t open attachments, and don’t click on any links. Optimus Systems recommends the mymailsecurity service to help with managing this: it filters 99.5% of spam and malicious emails, with near zero false positives.

4. Back up your data in the cloud

While many businesses do have in-house back up systems, with a ransomware attack these back ups are also at risk. That’s because the ransomware is designed to attack every part of your network, and that includes external hard drives, flash drives, and tape back ups. For maximum peace of mind, Optimus Systems recommends cloud backups, using mybackups. These back ups run automatically in the background, so you don’t have to remember to do them. And military-grade encryption makes the data secure. If the worst does happen, the data is quick to restore.

What if you do get a ransomware attack?

1. Unplug – immediately!

Turn off your computer the quickest possible way – this is not the time to shut Windows down properly! Yank the power cord and network cables out of your desktop computer, and slam the lid on your laptop. You also need to shut down the whole wireless and wired network: turn off all the switches in your server room, and get your entire team to unplug their computers immediately. Remember to power down smartphones immediately too, as they’ll also be connected to the network.

Hint: Regularly remind your team as what they need to do in the case of a ransomware attack, so everyone knows the protocol. A monthly team meeting is a good time to re-cap on this, and to assign responsibility for unplugging shared devices, such as the computers in meeting rooms, routers and printers. And consider printing some posters for the office to remind everyone – for example, it would be all too easy to forget to power down your smartphone without being prompted.

Good preparation is key in dealing with a ransomware

Here’s a New Zealand case study to show how having good, well-communicated protocols can make a difference. In March 2016, Tauranga City Council received a CryptoLocker threat. The council workers shut down their IT system straight away, and referred to this as a lockdown. Their IT team was then able to isolate the threat and test the system before bringing it back online – without losing any data, and without paying a ransom. “Because we isolated it so quickly, it didn’t manage to get into the system,” said Council communications spokeswoman Aimee Driscoll. Read more.

2. Call Optimus

Call us right away on 0800 35 99 33 and we’ll be on hand to help you. And if you’ve been using mybackups, to back up all your data on the cloud, you won’t need to pay the ransom.

Next step: Are you wondering how healthy your IT system is?

If you’d like to find out how healthy your IT system is – and how open it is to ransomware attacks – contact us for a FREE IT Assessment. You’ll get a comprehensive IT audit without charge or obligation.