As mentioned in our previous post, scammers have been utilizing email as a means to catch their prey since the inception of the service. They are able to use legitimate looking mails to entice the reader to download a file that will inevitably infect their PC in some way. Today, we will focus on one of the more diabolical methods with which attackers can scam people.

What is it?

Ransomware is a type of malware that infects the host system and systematically locks down network assets behind strong encryption, locking users out of their files until a fee is paid. Throughout the years there have been several “strains” of Ransomware – CryptoLocker, Cryptowall, Lockey, etc. When a PC is infected with these types of viruses, documents and other files become inaccessible. They will add startup programs that will describe the terms and how to decrypt those files – by paying the people that locked down the files a sum of money. The fee required to decrypt files varies wildly, ranging from a few hundred dollars, to thousands. Unfortunately, the only option to gain access to those locked documents is to pay the fee, or restore from a backup.

Who is affected?

This is a similar story to the other types of viruses spread through email. Everyone is at risk. We are starting to see a significant rise in these types of infections. Users who are behind firewalls, using UTM devices and high end enterprise-grade antivirus are falling prey to these attacks. The targets of Ransomware attacks range anywhere from small workgroups to large scale enterprise networks. They can be disguised as any sort of file, from a resume, to a banking document, to a music file. As soon as a user attempts to open the file, their system is infected. In many cases, we have seen it spread rapidly to network shares which are then held ransom.

How can I avoid this type of attack?

Stay vigilant. Do not open unknown files downloaded from the web, or emailed to you. If you receive an email with an attachment that is not familiar – DELETE IT IMMEDIATELY. Also, while not necessarily 100% effective against these infections – keep an up to date, reliable antivirus installed on all of your PCs.

I would like to be prepared in case of attack…

Sometimes infections are unavoidable – make sure your sensitive data is backed up regularly. We encourage our clients to keep image based backups that can be recovered at a moment’s notice to a time before the infection.

Need more info? Give us a call, we offer solutions that can help keep your business network safe.