We have been receiving reports of a surge of malicious software called ransomware circulating over the past few months. But just what is ransomware?

What is it?

Ransomware is a type of software that infects your machine, then encrypts all files and sometimes folders on your computer, stopping you from accessing any of the files. It can also stop certain programs from running.

Messages are then displayed on your screen asking you to pay money or complete surveys in order to regain access to your data, such as the one in the picture to the right.

Some ransomware, such as the FBIVirus, displays a law enforcement logo, such as the FBI's, and claims you have done something wrong and are being fined by a government agency. These claims are false, and paying the fines will not inform anyone who can actually recover your files.

There is no guarantee that obeying the ransomware will give you back access to your files. More information from Microsoft

Method of infection:

The normal methods of malware (malicious software) infection are either via a compromised email attachment (usually .zip or .doc) or via a compromised website.

Other methods can be seen here: https://www.microsoft.com/security/portal/mmpc/help/infection.aspx

Websites hosted by BYTE internet’s shared platform are all routinely scanned for infections by our Siteguard software for free to reduce the chance of your site infecting your customers if you become infected.

Prevention:

Recovering from ransomware is very difficult, as it is almost impossible to decrypt the files once encrypted. In this case prevention is always better than cure. We have included a few methods to help avoid such incidents:

  • Ensure your antivirus is installed and up to date (on both Mac and PC).
  • Make sure your software is up to date. An antivirus is only as good as its last update. Also make sure Windows, Office and Internet Explorer are fully up to date.
  • Avoid clicking on any email links from people you don’t know or from people you do not do business with.
  • You may even receive fake emails from people you do know, but they are usually vague, with just a random attachment or link (e.g. email content: “whoa hi look at this”, with no other description or names; email attachment: a zip file or a link with a random address). If in doubt, check with the sender.
  • Have a pop-up blocker turned on in your browser.

Recovery:

In many cases, if the infection is not caught, the encrypted files are lost and you will have to restore from a backup. This of course means you should have your important files backed up, or restoration won't be possible. There are many ways of doing this:

  • Use a backup system such as our BYTE Kloud (you can use "restore previous versions" to restore unencrypted files if the backed-up data is also encrypted)
  • Back up your computer regularly to a USB or external hard disk not normally accessible from the infected machine
  • Back up your server (if you are a business user) to another server or network path not mapped to the infected machine

We have released this bulletin due to the prevalence of this malware, and the destructive power of the infection.