Digital data has become a commodity in modern society; be it pictures of your friends and family on your phone/personal computer, or sensitive business documents on servers that empower and run your workplace; at the end of the day we need to keep all this data safe and secure.
First and foremost, regular backups are a must!
No matter what happens, if it’s your mistake or someone else’s’, backups are there to save the day.
It is important to make sure your company is taking daily backups of all critical business data and that these backups are monitored and tested regularly to ensure viability.
But I digress…
What I really want to talk to you about today is Ransomware.
You, the user, are being targeted on a daily basis by scammers trying to gain access to your data.
Ransomware is “a type of malicious software designed to block access to a computer system(s) until a sum of money is paid to the attacker.”
The scammers want to kidnap your data and make you pay to get it back.
Usually ransomware comes in the form of a “script” or “macro” that scans your system and entire business network for any valuable files and encrypts them so that you can no longer open anything.
The attackers are looking for photos, word documents, PDFs, excel documents ect… anything that you hold dear or need to do your job is what they are really after.
How do I get infected with Ransomware in the first place?
This is the scary part; there are literally hundreds of ways for you to accidentally run one of these malicious scripts.
Both PC’s and Mac’s are susceptible to many different kinds of ransomware so no one is safe.
Within minutes of running a ransomware script all of your documents become inaccessible and if your computer is connected to shared files in your workplace it will spread to all those files also and can take down your entire business!
Scammers will try to use every trick in the book to try and get you to run their scripts, everything from an e-mail marked as an important invoice to a plugin you need to install to stream the latest sports game.
The Ransomware will always be delivered in the form of a download or attachment. It could be something as innocent as a Word/Excel document, a PDF, or any downloaded zip/exe file.
How do I protect myself and my company?
The best piece of advice I can give you is to suspect EVERYTHING when dealing with e-mail attachments, especially if you don’t know exactly who it’s from, no matter how important, urgent, or imperative they say it is for you to open the document and look at the contents, JUST DON’T!
It’s as simple as that, if you never accidentally open a ransomware script then you’ll never get infected. If you are unsure of a certain file or attachment forward that e-mail to your IT department for analysis.
Another important layer is having a good up to date antivirus software installed on your PC. This gives you a safety net for when you do accidentally open the wrong document.
A good A/V will stop any ransomware or other viruses in their tracks before they have a chance to do any harm.
We recommend ESET Nod32 because it is one of the best antivirus software’s out there right now.
Cornell has a great page with examples of all different type of e-mails that a scammer would send to you with a malicious file attached.
It would be a good idea to have a look at the different subjects used so that you can better spot a bad e-mail in the future.