Smyth Retail Systems, Inc.

Software That Thinks Like A Merchant

Menu

Ransom-ware strikes again!

By

Recently, one of our customers was a victim of ransom-ware.

Ransom-ware is a type of malware that prevents or limits users from accessing files on their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to grant access to their system or lost files. Our customer had the worst type of ransom-ware: a Trojan virus that encrypts  picture, music, video, pdf, Word, Excel, PowerPoint files and text files. These files are encrypted using a complex encryption key and there is no way to decrypt these files except to get the key and pay a ransom to the criminal.

There are two ways that one can be infected:

Weak network security:

  • Lack of a firewall.
  • No anti-virus or malware detection loaded on all machines.
  • No password policy in place for user accounts, servers and routers. How many are still using vendor supplied default passwords, or have the same password for all accounts?

Human Error:

A user inadvertently clicks on a link that downloads the malware program. Even with good network security this opens the door and invites the virus in, right past all the security measures.

What do I do now that I am infected?

The only way to get back to normal is to restore the infected files from backup. This customer has AppAssure which is a program that starts with a full backup and then performs incremental backups. All of this data is stored on the AppAssure server located at the customer’s site and then it is backed up to the cloud. With AppAssure, files were restored in one day and the customer was whole again. Carbonite also offers reliable backup software.

This could have been catastrophic if the customer did not have a backup solution! Even with protection, it caused downtime, fees for technical recovery services and frustration that kept them from focusing on their business.

Please review your network, implement strong network security practices, and train your employees not to click on a link they do not understand, or THIS COULD HAPPEN TO YOU!

Printer Friendly Version

Comments

  1. Thanks for this informative post. It’s so important to stay on top of things that could harm your system, so you can make sure you’re protected!

Trackbacks