Malware, spyware, worms and bots. Lions and tigers and bears. Oh, my! So many different things that can attack your computer, steal your data and wreck your day. One of the most notorious has been the development of ransomware. (FYI, ransomware isn’t actually all that new — some version has been around for decades.) Ransomware is a type of computer virus that takes your data hostage and like any kidnapping scheme, demands money for the release of your data.
Why is ransomware so nasty? Because it steals the most important thing your business possesses: data. Worse, once infected, there generally isn’t a way out. No one can “disinfect” your machine. You aren’t going to be able to call in IT support to solve the problem. Basically, you have three options.
1. Pay the ransom. This payment is usually via credit card or bitcoin (a digital currency). Some ransomware viruses even provide helplines if you’re having trouble. Of course, there are no guarantees you will get access to your data — these are thieves with whom you’re dealing.
2. Don’t pay and lose your data. This has its obvious downsides, unless…
3. You have a safe, clean backup. In that case, you are stuck with the nuisance of restoring your data with the backup, but you aren’t out any money. However, this comes with a caveat: your backups have to be clean. The problem with ransomware viruses is that just making backups may not be sufficient to protect your data, as the backups can be infected also. Prevention is the best cure.
Follow standard “data hygiene” principles you probably hear about all of the time. Update your OS, software and apps whenever a new release or patch is released. Do this ASAP. Some patches may be released solely as a result of the discovery of a vulnerability. Watch out for phishing scams. If anything looks “off” about an email, don’t open it. And never open links you aren’t totally sure of. If unsure, send an email back to the sender to verify they actually sent you a link.
What can you do to avoid falling victim?
The most important thing you can do to make sure your data cannot be held ransom is strictly adhering to a regimen of backups. Employ a security plan including image-based backups, a business grade firewall with security service and a trusted anti-virus for each endpoint. Routinely backup your data locally and to the cloud.
However, even backups may not be foolproof. If your data has been infected and you are unaware of it, or the backup is not segregated from your network, your backups may also be corrupted. Given the severe consequences of a ransomware attack, consider having a security evaluation done by a managed service provider who will have the security expertise to advise on the best backup protocols for your situation.