Ransomware can be defined as one of the malicious types of virus codes created by cyber ransomers with the intent to hold personal data or files hostage for ransom money. The virus encrypts your files and demands a specific price be paid in exchange for the password to unlock your information. We at True Blue Network Solutions sat down for a conversation on how ransomware affects its primary targets – small businesses.


How does this virus get onto my computer?

Ransomware has a few delivery methods, the most common of which is via infected emails. In particular, ransomware emails are convincing because they can pose as an email from someone you know with what seems to be legitimate files to download. When opened the program code is very small and you may not notice at first that it is there.


How do I protect myself from ransomware?

It is difficult to have great protection from ransomware since new viruses are being created all of the time but there are a few steps that everyone can take to best protect their systems:

  1. Always keep your antivirus software up to date.
  2. Don’t open suspicious emails especially with attachments. This can download a particularly dangerous version of ransomware.
  3. If you feel that you are computer savvy enough to use a free program to help prevent ransomware, go here to download. Only take this step if you are familiar with Group Policy. If not, ask your IT expert.


How do I know if I have ransomware on my computer?

You’ll know. You will start to notice error messages about your files being encrypted. Once downloaded, the virus starts encrypting your files and they become stuck behind a password. Your data is still there, you just need the password created by the virus in order to unlock it. Often the passwords are incredibly long; up to 617 characters, so guessing the password is virtually impossible. Some programs may also become encrypted and not function, but the virus will leave your operating system alone so you can view the error messages and pay the ransom.

There will also be a new file along with your now encrypted files named something like “ransomware” or “read me”. This ransom note will tell you that your data has been encrypted and that you need to go to a website (given in the message) to pay the ransom by credit card. This typically has a deadline and a set amount requested and if the ransom has not been met by the deadline (typically within 3 to 5 days of download) then the price increases, possibly doubling.


What do I do if I get one of the ransomware viruses?

You always want to get rid of viruses, plain and simple.

  1. As soon as you suspect it, pull the plug of your computer. This is particularly important for laptops since people often think they shut off when the lid is closed – they do not. Turn it off all of the way. Pull out the battery if you need to. For every second that goes by after the virus downloads, it will spread to more files. Trying the stop it if you don’t know what you’re doing will give the virus time to do more damage.
  2. If you have an IT expert, call them. If you don’t, get one. That person will try to recover your files to a previous unencrypted state. They may or may not be able to recover them. If you don’t have a competent backup solution to recover from, you are sunk. With it, you may be able to get your lost versions of files back. Without it, you are at the mercy of the ransomer.


On Paying the Ransom

I’d like to share a bit on paying the ransom. Without payment, you will not get the password from the ransomer. However, some ransomers have already been caught by authorities. While this is a good thing, there is no way to get passwords back since this person’s operation has been shut down. This is a virus, remember, so it will continue to infect systems long after its creator is no longer working behind it.

The original creator of the first ransomware virus was caught by authorities. His passwords are posted online at decryptcryptolocker.com. If you are lucky and you have a virus from this ransomer, then you may be able to get your password from this site. This is a slim chance since so many other copy-cats are creating ransomware viruses now.


Your Best Protection

The best way to protect yourself is to have a competent backup. Every bit of information that is critical to you or your business should be backed up. No exceptions – anything which is not backed up can be encrypted. Backups themselves can become encrypted, too, and this is why a serious backup solution is necessary. From this, you can recover your files without needing to pay the ransom. One of the best solutions is a daily off-site backup which leaves your office or is done by an off-site service.

We hope this clears up some of the confusion about this new class of virus. Our team is always happy to discuss customized information technology solutions for your business which always includes recommendations on backup solutions and virus protection.