Email Virus Alert: "Ransomware"
An article shared by our partner Shawn Nesbitt, Owner of Simple Network Consulting in Madison, WI
As a service to our clients, Simple Network Consulting shares updates on critical issues impacting organizations and businesses. These alerts are directed to everyone in an effort to raise awareness about current viruses or malware that are affecting businesses and home end users alike.
This alert focuses on a particular malware attack that can and will cause significant downtime, has a direct impact on an organization’s ability to service customers, and can cause financial harm. Ransomware is a virus (malware) that gets secretly loaded on your computer or into your computer systems. It locks files, usually by encrypting them. It comes in via emails or infected websites that are well crafted to make a person believe that the message, and either a link or an attached file, is from a trusted source. Clicking on the link causes the malicious software to load on your system and start encrypting files such as databases and Word and Excel files.
The only way to unlock the files is to pay the criminal sender a ransom. They contact you to extort money to “unlock” your company’s systems. In some cases, after you pay the ransom, they don’t unlock the files. The encryption cannot be bypassed. It is NOT recommended that a ransom be paid. Once you pay, you become an ongoing target of these criminals. Proper precautions will reduce risk and allow a business to recover from an attack. This issue is both a social engineering attack and a technical attack.
Call Simple Network Consulting immediately if you receive a message of this nature – 608-446-4464!
Below are recommendations on how to protect your system from these attacks.
Training: Educate staff on how to identify suspicious emails.
- The emails originate from spoofed email accounts. Educate employees to check the senders of the emails and verify the legitimacy of the sender.
- Remind employees not to visit untrusted websites or follow links provided by unknown or untrusted sources.
- Remind employees to be cautious when clicking on links in emails coming from trusted sources.
Implement Systemic Protections: Secure computer equipment from attack
- Block IP traffic at your network perimeter devices. (Contact me if you would like the specific list of IP addresses that should be blocked.)
- If you do not have Anti-virus software on your computer, please give us a call and ask about Vipre Business Anti-virus software.
- Ensure anti-virus software is installed and its definitions are up to date.
- Include malware protection software in addition to your anti-virus software.
Back-Up Processing: Make sure that appropriate backups are being done with some frequency
If infected, remediate the infection via antivirus. Following the remediation, restore any encrypted files from backup or system restore points and volume shadow copies. Simple Network Consulting uses the best disaster recovery solutions on the market. If you don’t think you are protected, ask me for a free assessment.
Best Practices to Keep from Getting Infected in the First Place
While there are no guarantees, here are some tips on how to keep your computer from getting infected with ransomware. You don’t have to do all of these, but the more you do, the better off you are.
1. Keep your operating system up to date. This starts with knowing how your system is updated: automatically or manually by you. We can perform this for you as part of our Managed Services!
2. Know how your applications are updated. Some applications will pop up notifications on your screen, others will notify you via email and still others will only tell you about updates when you use them. If you get a notice you don’t expect, contact the company and ask.
3. Keep your applications up to date. When new updates come out, especially security updates, apply them. But first, make sure you know how the application is updated – see item 2.
4. If you receive a suspicious email (phishing?), but are not sure, contact the company by going to their website or contact them via phone. Don’t click on any links or use the phone numbers in the email.
5. Use anti-virus and anti-malware software and keep it up to date. This should include a good adware filter and a pop-up blocker.
6. Try not to click on ads for products or companies you don’t know. Even better, if you see an appealing ad, go directly to the company’s website and see if the offer is there.
7. Only download and install browser add-ons, plugins, and extensions that come from known, reputable sources.
8. Take a snapshot of your entire system from time to time, perhaps once a month. This will include data and applications. Store these snapshots on an external drive that is only connected to your computer to do the backup and then is disconnected.
9. Have a backup of all the files on your computer to a server that is NOT on your network. Simple Network Consulting offers Simple Cloud Backup which serves this purpose. If you don’t have a backup and would like to hear more about this option, please feel free to contact us.
10. Awareness is key. As a computer user, your job is to stay aware of what’s happening on your computer. You don’t have to be a computer security expert, but you should practice safe computing and clicking. Even the safest computer users can get infected with malware, but by staying alert and aware you can dramatically reduce your chances.
If you suspect that your computer has been infected by a virus, please disconnect it from the network by removing the network cable from it, then give us a call as soon as possible. This could help minimize the loss of information for you and your company!
Owner Simple Network Consulting
1574 West Broadway, Suite 200
Madison, WI 53713