2/16/2017

Flash of Genius February 2017: Ransomware

THOMAS...

Shared Genius

Practice Solutions

From one genius to another.


February 2017


Hostage Crisis


Instead of giving you another boring lecture on backups, I'm going to give you a story about being held hostage.... and this hostage could be you, in an instant.

Imagine you're using your computer, just getting ready to log another visit, when suddenly your computer pops up a note that says "All of your files have been locked. If you want to restore them, you have 30 min to pay $1000 in bitcoin to XXX. If you pay the fee within 30 min you will get a key to decrypt your files; if not, all of your files will be permanently locked."



Even if you pay the fee, there is no guarantee you will receive a key or be able to decrypt or restore your files. So, now you're out money, files, a computer (maybe even your whole network), and you are out of work and out of business. And this all happened between a swig of coffee and that last phone call you made. You are now another victim of Ransomware.

Ransomware can be as "easy" as a lockscreen (it throws up a big screen block and locks you out, or keeps you from accessing the rest of the computer screen or turning the block off), or it can be "hard": the encryption type mentioned in the example above. Either way, you lose.
Once you've got it, it's too late. Ransomware is the end result; it comes from getting a cryptovirus. Cryptovirus = Ransomware

We regularly get a couple of calls a month, but over the last couple of months, we have been getting more and more calls with this problem each day. And the requested amounts have been increasing as well. This is a true horror story.

So, how do you get this rotten virus?
Mostly in the usual way: clicking on a link or download in an e-mail message. You can also come across it by clicking on a link from a social media site like Facebook or Twitter. Don't go to any sites or click on any links that seem bogus, wrong, or weird. You can also contract this virus from a bogus website or an infected website. (And no, the infected website will not even know it's infected.) You can also get it from questionable games and apps. If you don't know it, aren't expecting it, or think something seems strange, hinky, or off, don't click on it or go there.

If you see your files magically changing their own names to weird things, or you get a pop-up ransom demand, immediately turn off the computer and disconnect it from your network. For offices with their own server (you should care most about your server), immediately shut it down and disconnect it from the network. Have your backups ready and call for help.

Just like a standard, real-life, infectious virus, once your computer picks one up, these cryptoviruses immediately branch out to infect everything your computer touches. Do you have a thumb drive plugged in? Are you connected to a network? Are your files always "hot" (live, auto-uploading) to Dropbox, Google Drive, or some other type of folder? If it can touch them and has the time to reach them, they will also be infected and/or locked.

For more information and examples of some of the types of ransomware - visit Microsoft's page of info for them HERE.

How to avoid getting infected? (The quickie list.)
  • Don't click on questionable or suspicious links or visit questionable or suspicious sites, and don't download questionable or suspicious apps or games. Don't click to download anything you are not explicitly expecting, even from someone you know.
  • Make sure that you update your antivirus software and computer operating system regularly.
  • Scan for malware regularly.
  • Don't keep things like Dropbox or Google Drive open and active to automatically update when a file changes. Keep it as a manual process so that you choose how and what gets uploaded and when. (If files are automatically uploaded, the virus can change a file, which will then automatically upload and infect your "cloud drive" and its contents just like your hard drive. Worse, it will automatically download to any other computers you have attached to Dropbox or Google too, allowing the infection to quickly spread.)
  • You caught a bad bug, so now what?
    Stop, turn off, and disconnect the server and problem computer immediately.
    Call for help with your backups.
  • Number 1 tip besides "don't click on that"?
    Have multiple backups in multiple ways. More is more (meaning more options for success). You want daily backups (each on a different drive), you want off-site backups at least weekly, and it is awesome to have a true cloud backup like CrashPlan Pro.
  • If you only have one backup, you only have one chance. If you have 10 backups, you have 10 chances. If you have no backup, you have NO chance. Give yourself the best chance to get out of a bad situation. Have multiple backups.

Why multiple backups?
It is possible for you to get a virus or other problem, including a simple bad backup copy. You might not notice a virus for days (or longer) if it doesn't pop up a sign like ransomware saying "here I am". In that case, you may have several days of backups that are infected (i.e. no good). You may have a connected backup get infected from being connected, as mentioned above. Your office may burn down or flood out and all of your onsite backups may be destroyed. It is great to have a cloud backup and we highly recommend it, but you should still have an offsite backup. If you need to be up and running ASAP, having a good offsite or in-office backup is your best bet; we can often have you up and running again in a couple of hours. You can recover from a cloud backup only, but that can take more than a day. More options equal more options.
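The point about several days of backups being "no good" can be checked mechanically. The sketch below is an added example, not code from Genius Solutions: it walks a series of daily backup folders, flags the first one where most files were renamed or altered into random-looking bytes, and reports the newest backup taken before that. The function names, the folder layout, the `.locked` extension and the two thresholds are assumptions made for illustration; compressed files such as photos and zips are naturally high in entropy, which is why the entropy test only counts together with heavy churn.

```python
import hashlib, math, tempfile
from collections import Counter
from pathlib import Path

def entropy(data):
    """Shannon entropy in bits per byte; encrypted content sits near 8."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def manifest(root):
    """Map each file under root to (sha256 hex, entropy) of its contents."""
    out = {}
    for p in Path(root).rglob("*"):
        if p.is_file():
            data = p.read_bytes()
            out[str(p.relative_to(root))] = (hashlib.sha256(data).hexdigest(), entropy(data))
    return out

def suspicious(prev, cur, churn_limit=0.5, entropy_limit=7.0):
    """True if most old files vanished or changed and the new ones look random."""
    if not prev:
        return False
    lost = sum(1 for p in prev if p not in cur or cur[p][0] != prev[p][0])
    fresh = [e for p, (h, e) in cur.items() if p not in prev or prev[p][0] != h]
    noisy = sum(1 for e in fresh if e > entropy_limit)
    return lost / len(prev) > churn_limit and noisy > len(fresh) / 2

def last_good(backups):
    """backups: [(label, manifest)] oldest first; newest label before the first bad one."""
    good, prev = None, {}
    for label, cur in backups:
        if suspicious(prev, cur):
            break
        good, prev = label, cur
    return good

def demo():
    """Constructed sample: three daily backups, the last taken after files were locked."""
    text = b"Constructed sample visit notes.\n" * 100
    noise = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    days = {"mon": {"a.doc": text, "b.doc": text, "c.doc": text},
            "tue": {"a.doc": text + b"edit", "b.doc": text, "c.doc": text},
            "wed": {"a.doc.locked": noise, "b.doc.locked": noise[1:], "c.doc.locked": noise[2:]}}
    with tempfile.TemporaryDirectory() as tmp:
        for day, files in days.items():
            for name, data in files.items():
                path = Path(tmp, day, name)
                path.parent.mkdir(exist_ok=True)
                path.write_bytes(data)
        return last_good([(day, manifest(Path(tmp, day))) for day in days])
```

Calling `demo()` returns the label of the Tuesday backup: Tuesday's single edited file is normal churn, while Wednesday's backup has every original file replaced by a high-entropy `.locked` copy.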

Be safe! Don't download, click on, or visit questionable things and BACKUP!



Got a Tip?


If you have a question or tip you would like shared, please e-mail us and we'll take a look at it. This is SHARED GENIUS after all. :D

Sincerely,
— Genius Solutions, Inc.
