Computer users are familiar with viruses and malware but the term ‘ransomware’ is a relative newcomer brought to prominence after several highly publicised cases. In 2014 the Sony attack brought ransomware into the headlines costing the company millions and effectively taking the entire company’s computer network offline. Attacks have continued to rise with 2016 expected to reach a new peak and with more sophisticated forms. In April 2016 a cryptolocker variant which had users home addresses started to appear tricking people into thinking it was legitimate link.
The principle behind ransomware is straightforward, a user’s computer becomes infected via one of the normal routes such as clicking on a URL in an email but instead of installing a virus which is annoying or disruptive, the software encrypts all, or a subset, of the user’s files rendering them unreadable unless the user agrees to pay a ransom to recover the key to un-encrypt them. With modern encryption techniques there is no realistic way of un-encrypting without the key.
Alongside the rise of ransomware users are increasingly taking advantage of file synchronisation services such as Google Drive, Microsoft OneDrive, Drop Box & Box which are great for maintaining files across multiple devices and providing a transparent backup of files. The downside of these services is that if a file becomes corrupted or infected with ransomware such as Cryptolocker on one device the damaged or infected file quickly replicates across all devices.
For event staff sharing files across teams and sending out links to files on cloud based services the risk is high. It only takes a moment, one click on a URL in an email from a known source and suddenly you have a potential disaster on your hands at a critical moment.
Avoiding infection is always the most desirable approach and there is no excuse for not running a real-time virus scanner with up to date virus definitions. There are plenty available and some of these are available free or built into the operating system as with Microsoft Windows 8 and 10. No virus scanner is infallible but they are an important line of defence.
Taking a few moments to double check an email or URL before clicking on it can save hours of frustration – the scammers are well versed on how to make an email and URL look genuine. Better still, don’t click the link but login to the cloud service directly from a browser and navigate to the new content – it takes a few moments longer but is much safer.
The proliferation of file synchronisation services has tended to mean people focus less on traditional backups but this can create a data recovery disaster if a user suffers a ransomware attack as all instances of the files become infected. The solution is to ensure that multi-version file history is enabled. Each of the synchronisation services provide this in slightly different ways and to different levels (in some cases it is a paid extra) but the principle is the same – when a file is changed the previous version (or versions) are still stored and can be reverted to. If you suffer an attack you can revert to an earlier, non-infected version.
For extra piece of mind, especially for critical documents, a weekly backup onto a USB memory stick or a writeable DVD which is then put away in a secure location is cheap and effective. Spending a few minutes now to make sure you have a backup strategy can save hours of time, stress and potential cost at a later date as sadly these attacks will continue to increase in frequency and sophistication.