• Anatomy of a Phishing Email

    If you use email (which, if you’re reading this, you almost certainly do), you’ve probably heard of “phishing”. You’ve most likely also received (but hopefully didn’t fall for) at least one phishing message. Phishing is an online scam, usually conducted over email but sometimes through other communication services, which involves tricking someone into giving away ... Read More →

    read more »

  • Cost of Becoming Fisma Compliant

    Many clients that are about to undergo a FISMA Assessment ask us what it costs to meet the requirements. There are several factors to consider when looking at the expense of becoming FISMA compliant, and it is hard to provide a dollar amount until a gap analysis is performed since we are not yet sure ... Read More →

    read more »

  • Public WiFi: How to Stay Protected From Security Threats

    One of the conveniences of our modern world is free wireless Internet connections offered by businesses for use by their customers. This can be especially useful for employees who want to continue working or otherwise stay connected via their laptops. But many people don’t realize the security issues with using public Wi-Fi connections. Luckily, once ... Read More →

    read more »

  • Rogue Access Points

    It’s common security practice for a company to make sure all their wireless access points are secured. After all, the range of a wireless access point can potentially extend to a physical area outside of the company’s control. This means that no matter how hard you try to prevent people from trespassing onto the company’s ... Read More →

    read more »

  • Ransomware: How to Stay Protected

    You may have heard of a relatively new trend in computer malware. Known by the fitting term “ransomware,” it serves as a form of extortion, holding your computer and/or your data hostage until a fee is paid to the attackers, usually in the hundreds of dollars or more. Some types of ransomware are relatively easy ... Read More →

    read more »

ransom2

You may have heard of a relatively new trend in computer malware. Known by the fitting term “ransomware,” it serves as a form of extortion, holding your computer and/or your data hostage until a fee is paid to the attackers, usually in the hundreds of dollars or more. Some types of ransomware are relatively easy to deal with—while the attackers claim that the only way to unlock your computer is to pay them, it can still be removed using safe mode or other recovery tools. But there’s also a more sinister variant of ransomware; once you’ve been hit with this malware, there really is no way to get your data back without paying up. Even having a backup might not save you, depending on how it’s set up.

            Once your computer is infected with this type of malware, it will begin encrypting your files. At this point, if your antivirus software doesn’t detect it, you most likely won’t notice what’s happening. This more virulent form can also infect connected removable drives and even network shares. If you have a backup device connected, or if you have other files that can be modified over the network by the infected computer, those will be encrypted as well.

            Once that’s done, the malware comes out of hiding, making itself quite visible. A message appears, sometimes purporting to come from a government agency such as the FBI, informing users of what has happened to their files, and preventing the computer from being used for any purpose other than to pay for the key needed to decrypt the files.

            Because the key is stored on a remote server, if the malware encrypted all of your backups, you unfortunately only have two options, neither of which is very pleasant: you can either pay the fee to decrypt your files (which generally does work) or reformat the PC and lose your data forever. If you choose the former, however, it’s still wise to backup and reformat the PC, as there may be some backdoors left over by the malware—these are criminals we’re dealing with, after all.

            As always, the wisest course is to prevent this problem from occurring in the first place. Be careful where you download software, don’t visit questionable sites, and keep software like your browser, antivirus, and operating system up to date. It’s also a good idea to disconnect your backup device when there isn’t a backup or restore in progress. The best idea, however, is to use a cloud backup service as this is generally considered safe from ransomware.