Ransomware is probably the most devastating attack your computer systems can suffer. Imagine starting your computer tomorrow morning and having all of your files locked up and encrypted. They are gone! You have no spreadsheets, no documents, no financial records, no customer records, and no precious family pictures! Everything is gone. And the data is being held hostage: Pay up with Bitcoin or forever lose your data.
In recent weeks there have been multiple high profile ransomware infections in the news. My clients have long asked why someone would attack their computer — because they didn’t have anything of value. This is the ultimate answer to that question. The bad guys don’t want your data. It has zero value to them. But what is it worth to you?
What can we do, so I can sleep a little better at night?? So we can both sleep better at night! I’ll give you the basics and if you have questions, we should talk in more detail. We should talk sooner than later.
- Make sure you have a good backup of your data. This is the only sure way to defeat ransomware. Preferably of the whole machine — not just the data. The rub in this case is that you need to make sure your backup is protected from the ransomware. For example if you have your data backed up to a network share, to a local hard drive or any other device with persistent connection — then it’s possible for the malware to encrypt your backups. I’ve always said there’s only one thing worse than not having a backup. That’s when you think you have a good backup and you really don’t. Your backup needs to be stored in a location that doesn’t directly connect to the computer or other computers. And it Must Have versioning capability. That means multiple snapshots are taken so you can go back and recover the data from a specific point in time, prior to the infection. If there’s only one backup file and it happened to get encrypted by ransomware – you’re in trouble.
- Get a good Malware product that does real time scanning and automatic updates. You can’t count on a free version to scan after the infection occurs. Then it’s too late. I recommend Malwarebytes. Get their business version if you have a business.
- Have a good paid anti-virus subscription. You might squeak by with a free product but remember you get what you pay for. And this isn’t the place to save a few bucks. I recommend Kaspersky or Trend Micro for my business clients.
- Education. Sounds simple but it’s one of the best things you and your people can do to prevent the problem. Most infections come from an email. Either an attachment or link in the email that directs to an infected site. My rule of thumb for all email — if it has an attachment of any kind or link to a site — just delete it. Don’t open it and definitely don’t try to access the attachment. If it’s important there are other ways to get the info. Most of the big recent attacks were designed in such a way that the victim was duped into clicking on something they thought was from their company or someone they knew. Think Long and Hard before clicking. If in doubt at all — just delete or call for help. Step away from the keyboard – Do Not Click on that Attachment!!
- Limit access rights and permissions. Bigger companies have done this for years. It prevents installs of updates and new programs without a specific administrative user logon. You can do your day to day work — but anything that requires an install needs a different password. It’s easy to setup and works well to prevent all kinds of malware issues.
A good backup is your last and best hope to defeat ransomware. Even if we’ve worked together for years and you have good plan — it’s time to take a closer look and make sure your backups will be available to save you from ransomware. Let’s plan some changes to how your data is backed up, so we can both rest easier at night!