011 285 0022
What if someone stopped your business accessing your files or using your computer and then demanded a ransom to get it back? Software that can do this is called “ransomware” and 2015 has seen huge rise in South Africans whose information has been held hostage.
Ransomware can encrypt your files or lock your business’s computers. It can even disable your keyboard and mouse or take a picture of you using your webcam and display it on the screen as part of their scare tactics. When infected by ransomware a message demanding payment, and often a deadline, will be displayed.
The ransom that is demanded can be thousands of rands!
Ransomware is getting smarter all the time and can even tailors the content of the “ransom note” (which will be displayed on your screen) based on your language and location. There are many different types of ransom notes:
- It may look like a message from a legitimate software company telling you need to by a new license to unlock your system.
- Offensive pictures displayed on your screen to embarrass you into paying to have them removed.
- A notice from the Police demanding that you pay a fine or face legal action.
- Or simply a message telling you your files are encrypted and you need to pay to get them unlocked.
Payment is usually made by having to buy and then pay them with an untraceable “crypto currency” such as bitcoins.
Ransomware can arrive on your computers several ways:
- From an external hard drive or memory stick
- Downloaded by malware that is already on your computer
- Clicking on links or opening attachments on spam e-mails
- Downloading software from untrusted sources
- Opening malicious web sites
There are steps all your staff can take to avoid your business being held to ransom:
- Ensure that their computer’s anti-virus and other security software is always up to date
- Update operating systems (Windows) and other trusted software regularly
- Encourage staff to think twice before clicking on web site links and banners
- Make sure employees do not install programs from untrusted sources
- Be wary of web site that ask you to update software, codecs or drivers
- Bookmark web sites you go to often and use these bookmarks when you visit them
- Regularly back up your computer systems and information
Of all of these the most effective defence is to regularly back up all your computers and servers. These data pirates are getting smarter and sneakier all the time and we have seen instances where systems with completely up to date security software have still been held to ransom.
If your business is affected by ransomware do not pay the ransom! We have spoken to several businesses that have paid thousands of rands but never got back the access to their computers or information.
Your best solution if your business is affected by ransomware is to either reformat you machine or download one of the ransomware removal tools that are offered for free by respected anti-virus companies. Once this is done you can then copy your information back to the affected computer from your latest backup.
Cryptolocker a ransomware worm that surfaced in late-2013, had procured an estimated R30 million before it was taken down by authorities. So be careful out there. People who used to make viruses for “fun” have now found a way to make money from infecting people computers and more and more of them are finding new ways of doing this.