Ransomware is still an ongoing problem and based on my own experience, getting more sophisticated. I had a customer this week that got infected on his work computer and his server, including having most of his backups encrypted. Luckily for him, I had maintained offline system images which allowed me to recover his two computers with very little loss (other than a loss of the one business day that it took to restore his computers and get them back in service).
For those that need a refresher, Ransomware is a very nasty and sophisticated virus that gets into your computer, typically either via an email attachment or a bogus website, and then encrypts your data and other fundamental files. At the end of the encryption, a window appears providing you information on to how to pay the ransom to purchase a decryption key to recover your files. It is not possible to decrypt the files without the decryption key.
Thus far, Ransomware has only attacked Windows computers, but with the popularity of Mac computers, it is likely only a matter of time.
Protecting yourself from Ransomware requires a combination of prevention and planning in case the prevention fails. Prevention can be thought of at four levels: Bronze, Silver, Gold, and the most comprehensive, Platinum. Each increasingly comprehensive level includes all steps from the previous level.
For those that need a refresher, Ransomware is a very nasty and sophisticated virus that gets into your computer, typically either via an email attachment or a bogus website, and then encrypts your data and other fundamental files. At the end of the encryption, a window appears providing you information on to how to pay the ransom to purchase a decryption key to recover your files. It is not possible to decrypt the files without the decryption key.
Thus far, Ransomware has only attacked Windows computers, but with the popularity of Mac computers, it is likely only a matter of time.
Protecting yourself from Ransomware requires a combination of prevention and planning in case the prevention fails. Prevention can be thought of at four levels: Bronze, Silver, Gold, and the most comprehensive, Platinum. Each increasingly comprehensive level includes all steps from the previous level.
Bronze: The simplest prevention involves purchasing an antivirus product that specializes in Ransomware protection, making sure Windows and your other applications always have their most recent updates installed, and backing up your data files either to an external hard drive or a cloud-based storage solution. This worksas long as Ransomware does not encrypt the backed up data files as well as the original data files, but does not protect against the Windows operating system and/or applications from becoming inoperable.
Silver: System Image creation stored on an external hard drive gives one the ability to restore the entire system, as long as Ransomware does not encrypt the system image. It is possible to also store the system image in the cloud, but because of the size of system images, in my opinion this is impractical for a home user or small business user. (Note that a system image includes your data files, but separately backing up your data files adds another layer of protection. Should the system image become corrupted, by backing up your data files separately, you should at least be able to recover those.)
Gold: The Gold level adds the creation of offline copies of both your data files and your system images. This is most easily done by rotating among two different drives so that one drive is always offline. Typically, the rotation is done no less than monthly, which means in the worst case, a month of activity could be lost. OFFLINE COPIES ARE THE ONLY GUARANTEED WAY TO RECOVER FROM A RANSOMWARE INFECTION.
Platinum: Due to the significant threat of Ransomware, new features have recently been delivered, both within Windows 10 (called Controlled Folder Access) and system image backup products themselves, which are designed to block the ability for non-authorized programs from changing the system image files. Some hardware firewall gateways also offer features to block viruses at the entrance to your internal network, but these are expensive and somewhat complex to set up properly. Therefore, as a home user or small business owner, I have labeled these as an optional additional feature at the Platinum level.
Protecting against Ransomware is an insurance policy that everyone should have. It does take time and requires some expenditures, but in this day and age, is crucial.
Silver: System Image creation stored on an external hard drive gives one the ability to restore the entire system, as long as Ransomware does not encrypt the system image. It is possible to also store the system image in the cloud, but because of the size of system images, in my opinion this is impractical for a home user or small business user. (Note that a system image includes your data files, but separately backing up your data files adds another layer of protection. Should the system image become corrupted, by backing up your data files separately, you should at least be able to recover those.)
Gold: The Gold level adds the creation of offline copies of both your data files and your system images. This is most easily done by rotating among two different drives so that one drive is always offline. Typically, the rotation is done no less than monthly, which means in the worst case, a month of activity could be lost. OFFLINE COPIES ARE THE ONLY GUARANTEED WAY TO RECOVER FROM A RANSOMWARE INFECTION.
Platinum: Due to the significant threat of Ransomware, new features have recently been delivered, both within Windows 10 (called Controlled Folder Access) and system image backup products themselves, which are designed to block the ability for non-authorized programs from changing the system image files. Some hardware firewall gateways also offer features to block viruses at the entrance to your internal network, but these are expensive and somewhat complex to set up properly. Therefore, as a home user or small business owner, I have labeled these as an optional additional feature at the Platinum level.
Protecting against Ransomware is an insurance policy that everyone should have. It does take time and requires some expenditures, but in this day and age, is crucial.
RSS Feed