What is Ransomware?

  

Ransomware is software that is designed to block access to your data and/or applications until a sum of money is paid. It works by encrypting your files, and then asking for payment before the files will be decrypted.

What is encryption?

Encryption itself is neither good nor bad, but it used to change data from something that can be easily read and understood, in to something that cannot be, by use of a key. There are levels of encryption.

In order to read this data again, it then needs to be decrypted using this key. Something that uses very weak encryption can probably be guessed or ‘cracked’ given time. In it’s most basic form, replacing letters in an alphabet with other letters in a reliable way is a form of encrypting – such as moving every A to B, every B to C etc. If you know the key, you can decrypt the data.

How does a person get ransomware?

The most common way is by receiving a file and opening it, and ‘running’ it. Although the computer may ask for confirmation before doing so, you may have been tricked in to believing it was sent by a trustworthy person; or that it was very important to run this for some reason, over-ruling any usual hesitation.

Once the ransomware program is running on your computer, it will begin to encrypt your files. It will most likely also try to copy itself to any other computer (or server, or any computer-like device) it can find on your network; or, it could also try and encrypt files it can find from your computer.

How do we prevent ransomware?

There is no one single way, but on the whole you will need a number of things in place. If your computer has a known flaw and has not been updated, this is a route in. If you do not have good anti-virus software that is also very regularly updated, this is a route in. But mostly, it relies on the people in your business not opening files without good cause.

This sounds risky. I’m not sure I can absolutely guarantee staff will do everything.

We don’t think it is possible to be 100% secure. Software becomes out of date. Vulnerabilities can exist for a long time before they are updated (if ever). And most of all, people are people and make mistakes, or just don’t know. The best of us can be tricked. The thing is, we need to prepare as best we can, both to prevent as much as we can and then have a plan in place that fixes things if the worst happens. This means having your data backed up.

If I get ransomware, do I pay up?

NO. We do not advise this.

There are cases where people do, and there surely must be many cases that never get recorded where people pay up to get a decryption key sent to them. We must be clear here – paying a ransom means relying on the very people who knowingly commit a criminal act being honorable. There is nothing to say they wont just take the money and run.

Being prepared is the better route. Have your data backed up, and if the worst happens, then everything must be wiped and you start again. A new install of your Operating System, all programs, and your data restored from your last backup. This will take hours, at the very best, and perhaps days.

But my data was backed up a month ago. How do I restore everything since?

You cant. This is why preparing is important. We advise data backup every 24 hours, that way the most data you lose is the last 24 hours (or less). If you want to back up less often, then be aware that you may need to re-enter more data as needed to get back to normal. You could also back up more often. In cases like this, you also need to think about how much time you’d be willing to lose whilst your computers are being wiped and re-installed. And, do you still have the license key for that piece of software you installed in 2007? And that old CD??

So what do I do?

Your computer should be regularly updated. This includes applications, especially highly targeted ones like MS Office. You need a good, routinely updated anti-virus package on each computer on your network. And most of all, you need to have your data backed up, regularly. And if you are really not sure, ask us. We could even do a trial run, and put it to the test!

Previous
Previous

Working from home - an overview

Next
Next

Phishing - What is it?