We have recently seen a worrying expansion of a particular type of Malware that, once it infects a PC, encrypts all the files making then inaccessible and demands a payment – usually of several hundred pounds – to supply a decryption key. This infection is usually picked up from a website accessed from a link within a phishing email.
This type of infection is impossible to guarantee protection from but here are some recommendations to minimise the likelihood of attacks.
1. Keep your operating system fully patched and up to date. Auto updates is the easiest way to ensure that this happens.
2. Keep your applications up to date, especially any security updates.
3. Use a good anti-virus software and keep the virus definitions up to date. Make sure that it is fully enabled to run in the background.
4. If you receive a suspicious email but are not sure, contact the company by going direct to their website or contact them via phone. Do not click on any links or use the phone numbers in the email.
5. Do not click on embedded ads for products or companies that seem too good to be true. Rather go direct to the company’s website.
6. Only download and install browser add-ons, plugins, and extensions that come from known and reputable sources.
7. Most important aspect of prevention is user awareness. Everyone is not expected to be a security expert but the majority of incidences could be prevented with more alertness to the threat.
And if you do get infected with Ransomware there is little that can be done to recover the files other than:-
a) pay the ransom (really not recommended) or
b) recover from a backup. Now you do have a backup, don’t you?
These two final steps are for recovery and mean that the prevention has failed.
8. Regularly take a full System Backup snapshot of your entire system. Save this to a removable drive and REMOVE IT! Any drive left connected will also be encrypted by an infection!
9. Backup of all the files on your computer network to a cloud based backup service such as LiveStor. This gives you a start of a DR plan as well as helping out in this scenario.
If you do get infected – act with URGENCY!
1. Unplug your PC from the network (just pull out the RJ45 cable plugged in the back of the PC)
2. Get everyone else to do the same
3. Phone the CPLUS Helpdesk on 0118 989 9109 immediately