What is Ransomware?

Rasnsomware is malware that attempts to keep you from your data until you pay the ransom. There are two main types:

• Lockscreen ransomware shows a screen, that you can’t bypass, until you pay the ransom.
• Encryption ransomware encrypts or scrambles your data until you pay.
  • This is the most prevalent version of ransomware and the most dangerous.

Furthermore, over 50% of US businesses have been affected by ransomware. If you haven’t been, you soon will be.

What is the typical ransom?

The typical ransom is now $679 (source). By comparison, this is a huge jump from 2015 when the typical ransom was under $300. The average ransom is expected to keep climbing as Ransomware is expected to be almost a billion dollar source of revenue for criminals.

Why not just pay up?

While this can appear to be the simple choice, that’s not always so. In a dire position, your family pictures, tax records, etc are encrypted you may have no choice. However, as this company found out, that doesn’t mean you get your data back. As a result, the FBI has even changed positions and advising you not to pay the ransom.

How do you get infected?

Here are the main avenues for an infection:

• Malicious or Fraudulent websites
• Infected Email attachments
• Email links to malicious websites
• Social Media compromised accounts and links
• NEW: Infected Images on Social media

These are the same scenarios that have been spreading computer viruses for years. Consequently proving we really haven’t learned much in the past few years. Most of all hackers have become much more sophisticated in their techniques and attempts.

How can I protect myself?

Protection requires a two pronged approach.

1. Good computer user behaviors
2. Proper controls and security in place.

User Behavior

You’re computer usage behavior is more important than you think. This is more subjective as it requires you to adjust how you use email, websites, and social media.

• Be vigilante in looking through your email and deciding what to click on. Even if the message is from a trusted source, were you expecting it? Was it something they would likely send to you?
• We’ve all happened up on a sketchy website by mis-typing a URL or inadvertently clicking on an ad. The best thing you can do is hit the back button quickly or CTRL+W, this closes the active tab you are on for almost all modern web browsers.
• Pay more attention and be more discerning on what you click to read from social media. In this age of fake news and misinformation it’s difficult to know what is real and what isn’t.
• Compromised social media accounts provide another avenue. Hackers use these to post links to their malicious sites. Once you click the link the website exploits a vulnerability (or attempts to) in hopes of infecting your computer.

In conclusion, behavior modification is an important and necessary step to fighting ransomware. We all need to be more aware of our cyber surroundings.

Security Best Practices

In addition to use behavior, we can talk about proper controls and security. Remember nothing is 100% and there is a constant cat and mouse game between security and hackers. However, taking proper steps makes you a harder target to hit and most criminals want easy soft targets. In other words, they’re somewhat lazy.

1. Anti-virus: your family and or your business should use the same antivirus, preferably one with centralized reporting and control. Many ransomware signatures are picked up by the top tier antivirus programs. Look for one with execution prevention, meaning it stops the infection when it tries to execute.
2. Admin Rights: Don’t use your computer with admin rights. Make sure all user accounts are just that, users only. Having admin rights means when a program executes, with you logged in, it will have the same privileges that you do. That goes for viruses and trojans trying to make their way onto your computer.
3. Backup strategy: depending on your business model this needs some thought. If it’s going to protect you from ransomware it needs a lot of thought. A good backup could mean the difference in $700 ransom and just formatting your machine to wipe out the virus.
4. Web Protection: some antivirus programs offer web protection. However a third party could be more effective if your antivirus software is behind on the latest virus definitions.
5. Email antivirus and link protection: There are many options to have your email scanned before it hits your inbox. While some ISP’s and hosting companies offer this service there are third parties that will integrate seamlessly with your current email setup. Don’t assume GoDaddy is protecting your email. In many cases they are not and simply apply a generic Spam Filter.

Therefore the old layered approach is still very effective. Layered security is not without flaws, those flaws are due to poor implementation, sub par products, and bad user decisions. Therefore implemented correctly, can make all the difference.

How can we help you?

Our Advanced and Premier Managed Support clients have enjoy most of this protection built right in. Part of how we simplify technology is to bundle together business class services. This makes it easier for business owners to know they’re protected.

We also offer:

• Backup Solutions: we’ll help you plan to ensure recovery is painless.
• Web protection: Stopping malicious websites before they compromise you
• Email protection: adding an extra layer to your email that scans links and attachments for malware, ransomware, and trojans.

Check out our Managed Support options. You can read more here how it can help your business simplify technology

Ransomware: Only getting worse

Ransomware is only getting worse with ransoms going up and infection rates sky rocketing. An ounce of prevention will go a long way to ensuring you’re not affected. The largest ransom we’ve seen, $1400. That was for one machine infected on a company network. Some reports indicate that multiple machines can become infected and demand individual ransoms. How ready are you?