Hello Audience! I wanted to take some time to discuss an issue that has been putting Umbrella employees into a stress-induced, hair-loss predicament. What could cause such a disappearance of hair follicles, you may ask? The mischief-maker is Ransomware.
Ransomware
Ransomware is undetectable because it’s not a virus, but a simple program. We’ve had clients that have been impacted by Ransomware, but we were able to recover all data for them due to our backup solution.
Ransomware is software that installs itself on a device and performs a network scan. It’s specifically looking for shared folders. Once it has a list of shared folders, it begins to encrypt the files inside them. During the encryption process, the files are locked with a virtual key. And only the program’s creator has that key. For the sake of this story, we’ll call him Steve.
At this point, company data is locked and not accessible. And Steve is demanding money be sent to him for the key to unlock the files.
When the phone rings at our office and the caller on the other end tells us they are unable to access files on a shared drive, we get a bit nervous. 95% of the time, it’s a routine issue. But sometimes it is Ransomware and we go into critical alert mode. As I’ve mentioned, we’ve always been able to recover any ransomed data, but it’s not fun for our clients or support team.
We carefully monitor all of our clients’ backups. The fix for Ransomware, without having to pay any type of ransom, is to find the computer that was originally infected. We take it offline, and then restore the shared data servers to a point in time before the encryption took place.
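The recovery steps above (find the originally infected computer, then restore to a point before the encryption began) can be sketched as a log triage. This is an added example, not Umbrella's own tooling; the audit record format, host names, snapshot times and the 5-files-in-10-seconds threshold are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed sample data: write records from a file server's audit log as
# (time, client host, path). Hosts, paths and snapshot times are made up.
EVENTS = [
    ("2024-03-04 08:55:10", "WS-ACCT-02", r"\\fs01\finance\budget.xlsx"),
    ("2024-03-04 09:12:41", "WS-SALES-07", r"\\fs01\sales\leads.docx"),
    ("2024-03-04 09:30:02", "WS-SALES-07", r"\\fs01\sales\q1.xlsx"),
    ("2024-03-04 09:30:03", "WS-SALES-07", r"\\fs01\sales\q2.xlsx"),
    ("2024-03-04 09:30:03", "WS-ACCT-02", r"\\fs01\finance\budget.xlsx"),
    ("2024-03-04 09:30:04", "WS-SALES-07", r"\\fs01\finance\payroll.xlsx"),
    ("2024-03-04 09:30:05", "WS-SALES-07", r"\\fs01\finance\invoices.pdf"),
    ("2024-03-04 09:30:06", "WS-SALES-07", r"\\fs01\hr\contracts.docx"),
    ("2024-03-04 09:30:07", "WS-SALES-07", r"\\fs01\hr\reviews.docx"),
]
SNAPSHOTS = ["2024-03-03 23:00:00", "2024-03-04 09:00:00", "2024-03-04 10:00:00"]


def find_burst(events, threshold=5, window=timedelta(seconds=10)):
    """Return (host, burst_start) for the first host that writes to
    `threshold` distinct files within `window`, or None if no host does."""
    recent = defaultdict(deque)  # host -> (time, path) records still in window
    for stamp, host, path in sorted(events):
        now = datetime.strptime(stamp, FMT)
        queue = recent[host]
        queue.append((now, path))
        while now - queue[0][0] > window:  # drop records older than the window
            queue.popleft()
        if len({p for _, p in queue}) >= threshold:
            return host, queue[0][0]
    return None


def restore_point(snapshots, burst_start):
    """Latest snapshot taken strictly before the burst began, or None."""
    times = [datetime.strptime(s, FMT) for s in snapshots]
    return max((t for t in times if t < burst_start), default=None)


def triage(events, snapshots):
    """Host to take offline, when the mass writes began, snapshot to restore."""
    burst = find_burst(events)
    if burst is None:
        return None
    host, start = burst
    return host, start, restore_point(snapshots, start)
```

A burst of writes can also come from a legitimate bulk copy, so the flagged host is a lead to verify before the restore rather than a verdict.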
BitDefender
We are working on being even more proactive when it comes to defending against Ransomware. We are in the process of rolling out new antivirus software called BitDefender to our clients. BitDefender does a better job than most at repelling Ransomware attacks. Our goal is to have our entire client base using BitDefender by the end of the year.
I have been asked many times by our users how they can help avoid getting infected. I’ve found the most effective method is to make sure your staff knows about the most common attacks. It seems like common sense that you shouldn’t open email attachments from unknown senders. In my experience, this is one of the most common ways that sites have been infected.
The Golden Rule
When in doubt about an email attachment, contact your IT support so they can ensure it’s nothing malicious. I would rather scan a bunch of false-positive attachments than lose more of my divine, comparable-to-Fabio hair over Ransomware!