What would you do if your computer was hit by Ransomware?
This is becoming an increasing threat to everyone in business or personally. Even if you know to be aware of dodgy emails it can still get in to your computer. I am sure everyone receives emails with invoices, or statements, or payment information attached. You know they are suspect if you don't generally receive this sort of information, but as a bookkeeping practice we do genuinely receive this information for ourselves, on behalf of our clients and in emails we deal with in our clients' offices. Until you have previewed or opened an email you don't know whether it is from a genuine supplier or whether you have just released a virus into the computer.
Wikipedia gives the definition of Ransomware as "a type of malware that can be covertly installed on a computer without knowledge or intention of the user which restricts access to the infected computer system in some way and demands that the user pays a ransom to the malware operators to remove the restriction." The Ransomware can lock your computer, keep producing pop ups which restrict your viewing, or encrypts all your data. The Ransomware can lay dormant on your computer for a while before it becomes a threat.
The operators of this Ransomware expect you to pay their ransom, which is usually in "bit coins" and then they will supposedly provide you with the means to decrypt or unlock your computer. However this is not necessarily the case. The Kansas Heart Hospital was hit with a Ransomware attack on 22nd May, they paid the ransom and then another was demanded.
So how do you protect yourself from this type of threat? Norton advise:
- Every computer should have reputable anti virus software and a firewall. This software should be kept up to date with the regular updates provided which will help protect your computer against new threats. They cannot provide 100% protection of course but they are better than not having anything at all.
- Don't click on links in emails, especially if they are zip files which you are not expecting.
- Disconnect from the internet so personal information can't be transmitted back to the criminals.
- The data on your computer should be backed up on a regular basis with alternating tapes, hard drives or memory sticks and the back ups should be kept away from your computer and preferably off site.
- Alert the authorities.
Microsoft also provide regular updates and these should be downloaded to protect your computer too.
It makes sense to alert the authorities to your situation. Whilst they cannot sort out your computer they will be able to log the incident and it may help to reduce this type of fraud.
As a company we ensure our data is backed up on a daily basis and taken off site and we regularly check that our backups can be restored. We also take back ups of the Sage Accounts data when we work on client's sites so that we also hold an off site back up for them.
So why am I writing about this now?
Last week one of our clients was hit by Ransomware. Regular back ups were taken of the data on the computer to an external hard drive and we also took copies of the Sage data at each visit which we took off site. However, the external hard drive was attached to the computer and so was our memory stick at the time the Ransomware was activated as we were taking backups at the end of the day. So all the data on the computer, on the external hard drive and on our memory stick was encrypted. There were no other backups.
And just this morning I was reading a short article in yesterday's paper which warns holidaymakers to beware of scammers who trick people into transferring money into a fradulent account. These fraudsters infect a household computer by downloading malicious software which allows them to monitor emails. They then pounce by sending fake airline tickets or false holiday confirmation, encouraging them to pay money into the fraudster's bank account. Last year these hackers stole £11.5m from holidaymakers according to the City of London Police's National Fraud Intelligence Bureau.
So if you don't have measures in place to protect yourself and your computer please think about doing so.