Imagine this scenario ... You and your co-workers arrive at work on Monday morning, turn on your computers and rather than seeing your normal home page your system has been locked and a message appears saying `if you want your data back you need to buy some Bit coins and pay us a ransom’.  

That includes all your data, information on clients, invoicing, operations and everything else you hold on your system. You cannot access it and cannot back it up, in fact to all intents and purposes it is like someone has broken in and taken all your computers away.   

Sound like something from a science fiction movie? Well it’s not – everyday more and more businesses and individuals are falling victims to ransomware; a sophisticated and potentially business-destroying piece of malware that encrypts your data and requires a decryption key to access it again. And guess what? To get the key and your data back you have to pay criminal gangs a ransom.  

I know this from personal experience when my laptop recently became infected with one of these pieces of malware.  I had two choices, pay a ransom or lose my data.  

The ransomware itself can get on to your system in more than one way. However, the most common are by infected email attachments, downloaded Word documents with infected code or from infected websites or adverts. This means every time you or any of your employees open an email attachment or Word document from an unknown source, visit a suspect website or click on an advertisement, you and your company could be under attack.  

Businesses from SMEs to large Institutions have had to pay criminal gangs to regain their data with the ransom fees ranging from a few hundred pounds to many thousands; dependent on the size of your business. So it really is important to safeguard your data as much as possible.  

Do not be complacent about backing up 

The criminal gangs who run these ransomware operations are highly organised, difficult for the police to prosecute and for anti malware software to detect. Although occasionally it is possible to regain some, or all of your data; in the majority of cases it is not. Remember, the people doing this are criminals and do not offer a money back guarantee so paying the ransom does not necessarily mean you will get the key or if you do get your data back that a large amount of it will not be corrupted in some way. So you need to make sure you are backing up your data regularly. Pay particular attention to not leaving drives plugged in (this can result in the backup being infected too). Ideally have data backed up at different timescales, in different formats and have a copy stored off-site and off-line.   

Make sure your security is up to date 

Make sure that all your computers have up to date software, this should include software updates for Windows, your anti-virus software, and especially the browser and any browser plug-ins. Always run up to date antivirus on your machines.  

Make your staff aware 

The ransomware requires somebody to open something or visit a site for it to work, so the main weak link in your company is the people using the system. Make sure everyone is aware of this threat and if you do not have one, make an email and internet policy document explaining never to open or download attachments from an unknown source and when visiting websites,not to click on unknown links.  

Ransomware is a growing problem that as yet the best Malware busting software or the law have not come to grips with. It is also something that could affect any of us and have potentially very expensive ramifications. So beware of this threat and make as much effort as possible to offset the risks.  

Fortunately for me my laptop did not have anything important on it and I was therefore able to reset it to factory settings, which wiped the drives. However could you or your business afford to lose all of your business data? 

http://leadingedge-solutions.co.uk/

Photo: Ransomware is designed to lock you out of your own files