According to a Sydney Morning Herald article, the first police-themed ransom malware (a.k.a. ransomware) appeared in Australia in late 2012. There are various versions of this around the world. A recent experience for one of our new clients was to be asked to pay 300 Euros or else lose all their data!
The police based ransomware demands you pay a “fine” to unlock your data while under investigation of software piracy or child pornography.Although they may or may not appear in the cloak of the local police, there are two forms of ransomware.
The first one locks your screen and keeps you from accessing your data and is generally easy to remove with antivirus software (or system restore). The second one is more destructive and begins to encrypt your data, which makes it impossible to view your data even after removing the virus. These more vicious versions require a password key which is very difficult to deciphor.
In the best case scenario, you have backed up your data and can easily restore all your files. In a worse case, you lose your data or pay the ransom (with a chance of still losing your data.)
Your business needs to have a plan to minimise risks from data failures such as this. Put preventative measures in place (such as below) and know how long it takes to get your operations back on-line.
- Keep your antivirus and operating system software upto date.
- Install local and cloud based back-ups.
- Do not click on attachments or links from e-mails or websites unless they are reputable
Calculate cost of potential downtime or data loss
If above preventative measures are taken, you will minimise losses. However, planning for the worse requires you to understand how much it would cost you if you lost your data. There are two components: Downtime & Loss of Data. Downtime often reduces your revenue or increases your operating costs, while loss of data could put you out of business. Knowing the value of your data, from customer data to financial records is important as this gives the business owner(s) an appreciation of why they need to invest in a good IT system and/or IT team.
Getting your operation back on-line
Once you know the cost of downtime or data loss, you can put appropriate systems in-place to keep your enterprise moving. The more money you could lose, the more you need to invest in high availablity systems with multiple back-ups. One of the pivotal things you’ll need (to ensure your system is easy to restore and back-up) is virtualisation.
If your servers are virtualised, your options to back-up, move and/or restore your systems and files are increased. The back-up software we recommend is from Storagecraft which has a variety of options for local and cloud based back-ups. In addition, Storagecraft has software options which allow you to restore your servers and data easily while keeping your operation fully backed up.
The best solution is to take preventative measures and plan how you’d get your data and operation back on-line in event of failure. Having your servers virtualized and your data already backed-up are the basic steps needed for most businesses.
The above three steps are the easiest and most cost effective way to ensure you can restore ALL your data and remove ransomware at the same time. If you’ve invested in the right amount of high availabilty and/or back-ups, your staff may not even notice any downtime.
If you are having problems with viruses controlling your computer or server and would like a professional to assist you, call us on 1300 797 888 or contact us here.
- If you want to try fixing a ransomware problem yourself, this article on “Make Use of” gives excellent advice – “Don’t Pay-up: How to beat ransomware“, by Guy McDowell, published in April 2013. http://www.makeuseof.com/tag/dont-pay-up-how-to-beat-ransomware/
- Graphics from Australia Federal Police (AFP) based scam comes from “Aussies held ransom by nasty software” Sydney Morning Herald (SMH) article, published in November 2012.
- Information on Storagecraft’s restore options are here.
- See a YouTube example of Storagecraft software in use here
- For more information on ransomware see article in Wikipedia or Microsoft