Today, I will do my bit to fight against ransomware.
For the uninitiated, ransomware is software that is launched against a business or organization that encrypts the files on a computer and then spreads to other computers within your network.
The reason that its called ransomware is that it demands a ransom, usually crypto-currency. The more urgent that the attackers think that you need your files, the more they want. Hospitals, government organisations, etc. pay more than small businesses, but it is still invasive and very unsettling.
Ransomware is typically introduced when an individual clicks on an element in an email. The element opens a door to the attackers server to download the encryption in the background (so that the user generally doesn’t know that this is going on).
There may be clues, such as your computer start flickering or behaving in an abnormal way, and/or the screen turns a weird colour (red or orange seem to be the prevailing colours, but not always).
One trick that I use is to look at the return address. If is no from the same domain or otherwise doesn’t make sense, mark it as SPAM and move on.
However if you do get infected, the first thing to is to UNPLUG your network cable or disconnect from the WiFi access IMMEDIATELY. This breaks the connection to the attacking server AND reduces the chance of spreading the encryption file to other co-workers, people in the coffee shop with you, your family – you get the picture. They will thank you for it.
There are approx 50 families of this malware in circulation, and it is growing. So this is NOT something you can ignore.
The good news is that the police internationally are doing what they can to catch-up. Recently, they’ve joined forces with the leading security software vendors to create free solutions for businesses.
One that I have found is a European based initiative, located at https://nomoreransom.org. Take a good look at this site, so that you know
I will add more when I find them. I look forward to your comments on this topic.