Back to Backup Basics

The threat of ransomware is real, and the only way to fight it is with proper backup for your files.


It’s April 28, and Jack has finalized the last of his 30 clients’ personal tax returns. The only thing left to do is to efile. “Phew,” he thinks. “I’ve survived another tax season.” Just before he signs out, he clicks a joke in one of his emails and a message pops up. “Your files are encrypted by CryptoLocker. You only have 96 hours to submit payment. If you do not send money within the provided time, all files will be permanently encrypted and no one will be able to recover them.”

Jack’s been hit with ransomware — software that’s designed to block access to a computer system until a ransom has been met. He can’t efile any returns because his network is encrypted.

The threat of ransomware is real, and it affects both individuals and organizations. Unfortunately, ransomware doesn’t give you many options. You can cut your losses or pay the bounty. And even if you pay, you might not get your files back.

TYPES OF RANSOMWARE

Yesteryear’s viruses have morphed into nasty malware designed to extort money from its victims.

Scareware, for example, will freeze your browser, show you a message claiming you have malware and will tell you that the only way to get rid of it is to buy and run a specific antivirus software. A quick scan from your existing antivirus software will identify and remove this ransomware from your system.

Screen lockers do exactly what their name suggests: they lock up your whole system, not just your browser. Many of these have official-looking pop-ups that appear to be from the FBI, for example, stating that illegal activity has been traced to your computer. It tells you that a fine must be paid to unlock your system. Running your antivirus software from a bootable system device or a system restore will usually return your system to normal.

Encrypting ransomware is wicked. It encrypts your files and demands payment to decrypt them. Antivirus software or system restore will not work. You either pay the ransom or you wipe your systems clean and restore from backup.

In its September 2016 Threat Report, Intel Security noted that ransomware attacks are up 3,000% since 2012. It is only logical that ransomware will soon start to hit devices that we normally don’t think of as computers: cars, cellphones, Android-powered smart TVs and Internet of Things devices, to name a few.

RANSOMWARE PROTECTION

Your teams should be taught to recognize the dangers of opening attachments from unknown people, and to avoid clicking on suspicious links. Remind them about phishing scams, where cybercriminals try to gain information by disguising themselves as reputable organizations. And encourage common sense. If it seems like it might be suspect, it most likely is.

Next, incoming email must be scanned and filtered to block all known threats. A must-do in today’s environment is to ensure your operating system has all patches applied so all known operating and application code security weaknesses are eliminated. Running a well-known malware scanning software will minimize the chance of a ransomware attack.

Finally, be prepared with a data backup system. Most of us have become lax with our backup as equipment failure is infrequent these days. Only proper backup solutions can ensure access to your files in the case of a ransomware attack.

No matter how tedious, you need to create, review and update the backups of your data on a regular basis. You can use USB drives to save new or critical files for immediate access when time delays can’t be tolerated — just remember to physically disconnect the USB drive after each use so it can’t be infected with ransomware.

This post was originally published in CPA Magazine