The word “ransomware” has grown in popularity over the past few years due to the increasing number of victims it has claimed. Here at Estimate Rocket, we are conscious of the danger of ransomware, and we take protecting our customer’s data integrity very seriously.
We use Amazon AWS cloud services, which employs redundant backups of data all around the country, which means the risk of data integrity being compromised is almost zero. By the end of this article I hope to give you a better understanding of what exactly ransomware is, how it works, and how you can avoid becoming a victim of this type of attack.
The dangers of ransomware
Ransomware is a malicious program that encrypts all of the files on your computer, using a type of encryption that not even the most powerful computers can break. This encryption makes the data - your data - unreadable and unusable. It also makes it nearly impossible to recover your data, although it might be possible with a backup. (You have a backup, right?)
In case, you don’t have a backup, the perpetrators of the ransomware attack will hold your computer hostage, letting you know that they will only decrypt the data or restore your backup if you pay them a ransom (hence the name). This is typically asked for in the form of cryptocurrency (i.e. Bitcoin).
Know how to identify and stop a phishing attack
Avoid opening emails from people you don’t know
Phishing attacks are normally emails sent with a malicious file attached or a malicious website link. The goal is to get the recipient to download the file or open the website. This will then trigger the ransomware to run on your device. In the early days of email phishing, they were pretty easy to spot with misspelled words, wrong logos and ridiculous email addresses. However, hackers have gotten smarter and more sophisticated. Now, these emails look more legitimate and are easier to fall to prey to than ever before. One tactic that is particularly effective is hackers use contacts from your own email as the sender, making it much more likely you’ll open the message since you genuinely know the person.
The most common form of phishing emails are:
- Receipts
- Bank transfers
- Estimates, or invoices
- Images like photos
- Voicemail files and more
Word documents are the most popular file type due to their ability to use macros which can be easily manipulated to perform malicious acts.
In summary, don’t open any attachments from anyone, if you’re not expecting something.
Backup your computers and devices
It doesn’t even have to be fancy, just backup your files to an external hard drive. Or take advantage of cloud storage services available from places like Dropbox, Google and Apple. Some cloud services can even be scheduled to backup your data. Windows 10 also has a new Ransomware Protection feature that will block applications that try to make changes to files. To enable this simply open the Start menu, type in “Ransomware Protection”, and then enable the feature. Microsoft also offers an integrated backup solution via their One Drive service which should be displayed at the bottom of the dialogue box.
Protecting your data is better than recovering your data
Ransomware isn’t going anywhere. It’s far too profitable for attackers with billions having already been paid out and that number is growing fast. Sticking to good habits and keeping backups will minimize your risk of being hit by a ransomware attack, so start those good habits today and protect yourself and your business from being a victim to attackers in the future.