Ransomware – are your systems protected?

Ransomware is a word that can strike fear into businesses and individuals alike, especially after the recent news articles about the NHS infection and other global attacks from WannaCry and its derivatives.

So what exactly is ransomware?

It’s a malevolent piece of software which goes through your computer files and ‘encrypts’ them so they cannot be opened or ‘decrypted’ without a special unlock code.  Once the files have been altered, the ransomware then displays a message explaining how much it will cost to obtain the unlock code and how long you have until the files are destroyed.  Some users have reported that even though they have paid the fee, they’ve not received the unlock code and lost their files.

Ransomware is not a new thing; it has been around in various forms since 1989. It’s only recently been making the headlines due to the untraceable nature of new payment methods, such as Bitcoin.

How is it spread?

The most common method of transmission is through email attachments sent to you (eg inside Word documents, pdfs, spreadsheets etc), although your machine can also be infected by other machines on the same network already infected by the ransomware.  This can even happen at home if you have multiple computers connected to the internet at the same time.

There are many types of malware all working in different ways to achieve the same result, blocking you from your files.  Once you are infected, your options are limited: you either pay to release your files, pay a specialist to try to recover them (not normally successful) or lose all the data.

What can you do to reduce your risk or the impact of infection?

There are a number of simple and inexpensive ways to stay clear of ransomware

• Keep your antivirus and Windows Defender updated
• Keep your machine updated with the latest Windows updates issued by Microsoft
• Review all emails and their attachments before opening them.

If the email is not from a sender you expect or recognise (ie a friend, bank, gas/electric supplier, online shop etc), then delete it.  If it is from a known source, don’t just open it, as people can fake where emails are from. Have a look at the content and the attachment name and see if they are related. Just as importantly, ask yourself whether you expected an email from the sender. If you are at all concerned, delete the email.

Make a copy of your files to a portable storage device, such as a USB stick or a USB hard drive which is only connected to your computer to back up your files. Alternatively, you could use a DVD/Blu-ray disk or one of the many cloud storage options available on the internet. You should also create a factory reset disc or learn about ‘Restore Factory Settings’.

If your computer is running a version of Windows pre 8, 8.1 or 10, then you can create a factory reset disc/ USB drive.  For Windows 8, 8.1 or 10 users, you have the facility to ‘Restore Factory Settings’. In both cases, this wipes all information from your computer and reinstalls Windows to its original factory configuration.  Once complete, you will need to reinstall your software and upload your files from the location in which you stored them.

While ransomware can be disastrous for the unprepared, following these straightforward suggestions can alleviate your main fear: the loss of business or personal data.