Ransomware: What you need to know (and how to prevent it from happening to you).

Monday, 15 May 2017

What is Ransomware?

Ransomware is when your computers files (documents, pictures, videos etc,) are encrypted so you are not able to access them. They are then held hostage until you make a payment. Usually you have a limited period of time to submit the ransom payment, after that the price is increase. If payment is not made, usually in 7 days, the data may not be able to be recovered.

What happened on the weekend?

A global Ransomware Attack effected computers worldwide, in multiple countries including Australia. Large Government organisations were impacted including NHS (UK National Health Service) & FedEx. Schools, universities, hospitals and health clinics were also affected. This particular variant of ransomware has largely ceased however, this is by no means the end of ransomware and you may still be at risk of future attacks.

Why was this attack worse than previous Ransomware attacks?

The Ransomware was delivered via an email attachment. Once opened it effected the local computer and then spread to all computers on its network; this is known as a worm. Older versions of Windows were more vulnerable to the attack as Windows 10 has security capabilities to minimise the exposure to this type of attack.

Why do they do it?

Hackers will launch an attack primarily for financial gain. For example, this attack reached 200,000 computers and the ransom was $300 per computer, potentially earning the hackers $60m.

How can I minimise my risk?

The best way to reduce the chance of losing your data is to ensure you have regular back-ups made on an external device that is disconnected from your computer once the back-up is completed. This means if your computer is held hostage you can still access your data and avoid paying the ransom.

How do I stop it from happening?

Be wary of opening email attachments or web links from unknown sources including word documents, PDFs, videos and zipped folders.

What should I do if it happens to me?

Disconnect your computer from your local network, disconnect all network cables, turn off your computer and contact your IT provider immediately.

How do I recover my files?

Unfortunately, at this time there is no decryption method. Unless you have recent back-ups, you should contact your IT provider to determine the next step in recovering your data.
If your business has been held ransom or you would like to set up a backup or disaster recovery plan you can contact Xtreme on +61 (07) 5531 4816.

Need Support?

Click HERE to submit a Support Ticket.

Fill in your details below. All fields are required.