Ransom + Software May = Ransomware

ransom software may ransomware

Advancements in both hardware and software technologies have allowed businesses to expand their markets, reach new customers, and become far more productive than they could have possibly dreamed.

As is often typical however, new ways of doing business also open up new avenues criminals can use to steal, or hamper a company’s daily operations just “for the fun of it”. In some cases, hackers and criminals employ what amounts to kidnapping of data or other technological resources until a business pays a ransom. For companies who are not well prepared for such attacks — ransom + their corporate software vulnerabilities may indeed equal a ransomware attack.

How It’s Done

There are several ways that hackers and criminals can gain access to corporate networks and the data that resides on them, but one of the most popular is through a phishing attack.

In a phishing attack, a hacker will typically send an email that looks like it is from a legitimate source such as another employee, often high ranking in the company, or another company that may be a client, vendor, or partner. If the employee receiving the email is not fully prepared to spot a phishing attempt, they might reveal the login credentials for access to the corporate network and/or software applications. Once in the system, hackers can encrypt files, barring employees from accessing any corporate systems until the company pays a ransom. In more than a few cases, the ransom amount paid was quite steep.

Who is Vulnerable

Essentially anyone doing business online can become vulnerable to a phishing attack. However, in recent years municipalities have become increasingly vulnerable to these types of attacks. Large and even medium-sized cities have become popular targets since the systems they oversee provide essential services for both businesses and residents in the area.

Prevention

Proper training is one of the essential keys that can help to eliminate a ransomware attack. Employees need proper training to spot phishing attempts and other suspicious online activity.

A comprehensive tested backup plan is also essential. Up-to-date backups that are held in areas where even hackers cannot access them is key to recovering from a ransomware attack. Regular testing of a backup restoration is also essential to ensure the restoration process will run smoothly if an attack should occur.

If you would like to know more about how to prepare your company to withstand against cyber criminals, please contact us.

Computer Tip of the Day: Rescuing Your Computer from Ransomware

computer tip of the day rescuing your computer from ransomware

ransomwareRansomware is a piece of software that sits somewhere between viruses and general programs. It is a type of program that can be used to lock your computer and make it close to impossible to gain access to your computer again until you agree to pay the person responsible money to release your computer to them with no guarantee they will agree to release your computer access to you again once you pay them.

While it would be ideal to not have to deal with ransomware in the first place and simply avoid having it get onto your computer at all, this will not always be possible and it is important to understand what you can do to see off ransomware if it does end up on your computer.

Removing Ransomware

Removing ransomware doesn’t have to be difficult and it can be as straightforward as you want it to be. The first step is recognizing that it is ransomware because you might well look at a virus and think it is ransomware. Recognizing that you have ransomware is the first step in removing it. The important things to keep in mind here are that Microsoft will not call you at your house, the software the ransomware claims to represent will not be your antivirus and anyone who actually wants to help will not disable your computer access until you pay them.

Once you recognize that you have a ransomware infected computer, it is time to start the process of removing it. The first thing to try is also something that can only be done if you are not using a Windows 8 or 10 computer: running it in safe mode with command line access and rolling back to a previous system restore point using the command line to open the restore utility, select a point to roll back to and restart your computer in the standard mode to see if it worked.

However, if you are using windows 8 or 10 or have disabled system restore points then you need another method. The best alternative is to find Windows Live Repair CDs online and burn the associated files onto your blank CD or USB drive. Once that is done, power down your computer after you insert the CD or USB drive into your computer.

Now, restart and hit the button that will open your boot menu and choose to boot from your CD or USB Drive. From there, just follow all the recommendations to remove the offending files and respond to all alerts. When this is done, remove the USB or CD and restart your computer. Your computer should now be free of all ransomware and you are done!

Ransomware is a serious problem that needs to be addressed ASAP. If you follow these tips, you should be able to remove it from your machine with few issues. However, if you need more help or additional tips on ransomware removal, contact us today!

Watch Out For DoubleLocker Ransomware – Computer Tip of the Day

watch out for doublelocker ransomware computer tip of the day

DoubleLocker Ransomware

It is always challenging to balance the need for security along with the need for employees to BTOD (bring their own device) to use for work-related purposes, or in some cases, use company-supplied portable smart devices while on the job.

If your employees use Android smartphones or tablets for work-related activities, then you’ll want to raise awareness about a new ransomware that not only encrypts the user’s phone or tablet data, it also changes the PIN number, making it impossible for them to gain access to their device again unless they pay a ransom.

How it Works

Dubbed “DoubleLocker”, this new Android OS ransomware spreads by way of a fake Adobe Flash update found on a compromised website.  If the phone or tablet user accepts the download, the fake app asks for activation of “Google Play Services”.  It exploits a series of permissions designed for the disabled who use the accessibility service functions that Google provides.  Once DoubleLocker is completely installed, it sets itself up as the default Home application.  When a user attempts to use their phone again, they are greeted with a ransom note.  The user is given 24 hours to pay about $73 to regain access to their phone or tablet.

Although this is not necessarily a large sum of money, it is disconcerting to say the least, to know that a hacker is now in control of the device and its data.  In addition, until the hacker receives payment, the employee cannot accomplish any work-related activities on that device, potentially resulting in lost revenue for their company.

Prevention is the Key

The best way to avoid larger issues from this ransomware and others, is to ensure that employees work completely in the Cloud from their phone or tablet, so that no data is lost should their device ever become comprised.  The device itself can be saved by performing a factory reset on it in order to avoid paying the ransom, but any data stored only on the device is lost during the reset process.

Additionally,  training employees on what to look for with regard to the DoubleLocker ransomware is a key, as well as instructing employees to simply avoid installing any unknown applications or software on their devices.  Instead, they should always check with their IT Support before downloading anything questionable.

Want to know more about protecting your organization from security threats?  Contact us.

 

Dealing With Ransomware: Our Computer Tip of the Day

dealing with ransomware our computer tip of the day

Any basic computer user knows about the dangers that lurk on the Internet. From email scams, to generic computer viruses, and suspicious links, making smart decisions while surfing the web is important. As important as this is, however, one of the more common dangers lurking in cyberspace, is ransomware. A malicious tool that locks your computer and demands a ransom, it’s nearly impossible to get rid of once you’re infected. There are plenty of ways to avoid it, however. Here are some things to keep in mind when dealing with ransomware.

dealing with ransomware

Be Careful While Surfing the Web

Ransomware is often found on suspicious sites, so always be careful when you’re surfing the web. It’s not always easy to know which sites are safe and which are dangerous, so be sure you have the right anti-virus software. Aside from protecting you while web browsing, it also gives you an indication as to which sites are dangerous, before you even visit them. Many anti-virus programs also have a feature where in the web browser search results, you can see which sites should be visited with caution. That’s part of dealing with ransomware.

Avoid Suspicious Links 

Aside from suspicious websites, always be careful when clicking links, especially in emails. Many times, the email may seem legitimate, and it might even appear to come from someone you know. Upon clicking the link, though, your device could end up getting infected with ransomware. Always be sure you know the link is completely valid, and don’t trust emails that seem too suspicious when you are dealing with ransomware.

For more useful computer tips regarding dealing with ransomware, feel free to contact us today at AE Technology Group. We look forward to hearing from you, and assisting you in the best way possible.

Protect Yourself From Ransomware With These 5 Tips

protect yourself from ransomware with these 5 tips

You can protect yourself from ransomware. Ransomware encrypts your files and holds them hostage so that they cannot be accessed. There is usually a demand for money, often in the form of Bitcoins, in order to decrypt the files for use. A new strand of ransomware has been found recently that even asks the victim to help the scammers infect at least 2 other devices in order to free up their files for use. Ransomware is a nasty form of malware that is growing in popularity. Here are 5 ways to protect yourself from ransomware.

Protect Yourself From Ransomware With These 5 Tips

  1.  Make sure your anti-virus software is up to date. Installing anti-virus and anti-malware software and keeping it up to date is important to protect your devices. New versions of malware are released often. If your software is properly updated and can detect new versions of malware as soon as they are released, then you stand a better chance of avoiding an attack.
  2. Back up your files. Backing up your files is important because malware encrypts and restricts access to your files. If your files are backed up on your PC, you may be able to restore them if you are attacked. It is a good idea to back up files to the cloud as well in case you have files that are backed up on your computer that are also encrypted by the ransomware.
  3. Do not click on links in emails from unknown sources. If you get emails from companies that look real but something seems off, do not open them or click on the links. Delete it or contact the company directly and ask for more information. For example, you may get an email saying that your social media account is suspended and you need to click a link and provide your details to unlock the account. This is probably a phishing scam. The link could contain malware.
  4. Don’t download software from third-party sites. Beware of third-party sites offering free or deeply discounted versions of popular software. These apps often contain malware and viruses. Always download software from the official site of the vendor, ex: Apple App Store, Google Play Store, etc.
  5. Contact the police if you become the victim of a ransomware attack. If you become the victim of a ransomware attack be sure to contact the police and make a report. They will be able to advise you of what to do regarding paying the ransom. They will be able to collect information from the demand and investigate to track the criminals. Paying the ransom could lead to further attacks and depending on how you pay, it could compromise your other accounts. Your files may not even be decrypted after you make payment. It is not always the best idea to pay without consulting the authorities.

Make sure that anyone who uses your business computers and other devices knows how to avoid ransomware attacks. Protect all of your devices including smartphones and tablets. For more information on ransomware protection, contact us.