The bad news: Ransomware has become big business. CryptoLocker, Locky, and other variants are netting criminals so much money that there are some who provide it “as a service” to non-techie criminals for a split of the ransom money collected.

The good news: You can protect yourself.

The most important thing is training: your employees need to know not to click on links or attachments they are not sure of the source of. To help with this, make sure that the “Hide extensions for known file types” is UNCHECKED on your computers. If this is turned on, users can see an attachments as file.txt and think “It’s a text file – that has to be OK” when the file really is file.txt.exe, and moments later every text, office and PDF file on that computer and any shares it is connected to are encrypted and being held for ransom.

Also train users to hover over links before clicking to see what the link really points to. The link text may say but the URL behind it may really be!

Next up – regular offsite backups. A copy on a drive attached to a server that gets encrypted will also get encrypted! It also isn’t of any use if fire or water damage is what makes restoring from backup necessary.

For more details and the history of ransomware, see this ZDnet article.

Leave a Reply

Your email address will not be published.