Modern day crypto-ransom attacks are becoming more clever and widespread every day. Crypto-ransom attacks or ransomware is the equivalent to a shakedown but instead of using fists, these nerds use computers. Each passing month cyber security organizations identify new ransomware variants than they had previous months. The amount of ransomware identified in a single month of 2016 exceeded what had been identified in previous years. Ransomware is never going to go away and the problem is getting worse. Modern technology has created a platform for criminals to operate from safe distances, easily attack multiple victims, develop automated malware, and their activities be difficult to trace. Creating and then distributing ransomware can be beyond lucrative. The FBI reports an estimated 4000 daily ransomware attacks, totaling to millions of dollars being extorted from victims. In the news, you often hear about huge disruption to critical infrastructure or a large organization being under attack by cyber criminals, however a recent report shows that 53 percent of ransomware victims are individuals.
Do you have ransomware? Here are the ransomware indicators of a compromised system: the encryption process will append file extensions and change them in the background, without knowledge of the user. This affects any and all data accessible to the computer, including external drives. The encryption process needs to make a call back to obtain the encryption key, and the most obvious indicator is a ransom note prompting you to pay. If you find a suspicious file extension, such as .crypto, the best thing to do is to check file-extensions.org for their list of known ransomware extensions. If you have a web content filtering system, this can be useful to block suspicious call backs. Ransomware will make a call back to a server to obtain the encryption key, this can be blocked. Unfortunately, there is not much you can do once you see the ransom note. There are only two options at this point. First is restoring your data from a backup, the second would be to pay the ransom and hope you receive a decryption key. Preparing an incident response in case of emergencies is the best you can do to defend yourself, but you would have to have done it before getting the ransomware onto your system. Once you are infected, decrypting your files without paying the ransom is close to impossible. Backing up your data periodically and verifying those backups make any sort of ransomware attack useless. The solution is simple and effortless, backup tools are available on all computers, it is quick and easy. If you are not doing regular backups, that should change now.
Skyline IT Services, a San Diego based IT solutions company offers real time backups along with premier IT support. Our backup systems can mitigate any cyber-attack to your system, we will prepare you for worst case scenario. For any questions and concerns about your IT needs, Skyline IT Services’s expert technicians can tackle any problem and resolve any issue.