Good Riddance to bad Ransomware
When a business becomes the victim of ransomware, the impact can be devastating!
According to research by Computer Business Report, which surveyed 540 CIOs, CISOs and IT Directors from companies with an average of 5,400 employees across the UK, Canada, US and Germany, UK companies have suffered the most ransomware attacks. 54 percent of UK companies were found to have been hit by a ransomware attack, with 37 percent paying the ransom and 32 percent losing files for refusing to do so.
But before we start frantically trading in our electronic devices for a one-way ticket back to the Stone Age, lets take a look at how companies can protect themselves from being infected by ransomware.
Know what you're up against
The internet can be dark and full of terrors and ransomware is lethal in its unpredictability. However, the good news is that in the event of falling victim to an attack, you will stand a better chance of knowing what course of action to take if you know what you’re up against.
Below is list of some of the most common ransomware to look out for:
- Encryption ransomware: The affected files are deleted once encrypted, and users generally encounter a text file with instructions for payment in the same folder as the now inaccessible files.
- Lock Screen ransomware – WinLocker: It locks a computer’s screen and demands payment. It presents a full screen image that blocks all other windows, but no personal files are encrypted.
- Master Boot Record (MBR) Ransomware: This changes your computer’s Master Boot Record so that the normal boot process is interrupted, and displays a ransom demand on the screen instead.
- Ransomware encrypting web servers: It targets web servers and encrypts a number of files on it. Known vulnerabilities in the Content Management Systems are often used to deploy ransomware on web servers.
- Mobile Device Ransomware (Android): These viruses are often disguised as apps such as Adobe Flash or an anti virus product.
If you have difficulty pin-pointing what type of ransomware has infected your personal files, web server or mobile device, you can use a tool called Crypto Sherrif, which is designed to help you define what type of ransomware is affecting you.
How can one eliminate the problem?
It’s important to note that encryption in itself is not malicious, and is in fact good development for many benign programs who use it. The problem starts when cybercriminals implement asymmetric cryptography algorithms that use two separate keys -a public one to encrypt files, and a private one, which is needed for decryption. This is why it can be difficult to find on single solution to the problem.
“Some ransomware viruses are relatively easy to remove, while others are hard,” advises Jack Schofield, Computer Editor for The Guardian. “The easiest ones are ‘scareware’ browser screens that claim your laptop has been locked by the FBI or a local police force. This is never true, and you can usually stop them by using the Windows Task Manager to close the browser, or force quit on Macs, then run an anti-virus program to remove them.”
Tougher ransomware nuts to crack usually target and encrypt Master File Table in Windows, individual files, or the whole hard drive. “The Master File Table (MFT) keeps track of all the sectors on the hard drive, and what bits of which files are stored in those sectors,” says Jack. “If the MFT is encrypted, it’s theoretically possible to rescue files by using an undelete program such as EaseUS’s Undelete (Windows or Mac) or Piriform’s Recuva. However, untangling and identifying more than a few files could be a huge task.”
Prevention is key!
As the saying goes, ‘Prevention is better than a cure’, the same applies to stopping cyber criminals from having their wicked way. Outdated computer systems tend to be more vulnerable to ransomware attacks, while many people make the mistake of being too click-happy, and this can result in systems being infiltrated. Our infographic below contains a step-by-step guide to keep your computer safe!
Are you a Champion against Cyber Crime?
Search Consultancy is a specialist in sourcing and placing a variety of security and compliance positions within the IT sector, including Information Security Engineers, Information Protection Specialists and IT Security Managers. We also pride ourselves on guiding our candidates through some of the most important issues surrounding the industry. If you have any questions, or would like to have a look at our latest vacancies within the IT sector, please contact a member of the Search IT team in your nearest office.