Ransomware

Over the weekend you may have seen various news reports of a worldwide ransomware attack hitting thousands of networks.

Ransomware is a form of malware (bad software designed from some  harmful or illegal purpose).  It encrypts all of the files on your computer then notifies you that if you want the description key, you must send the author money in exchange for the key.  Without that key, you will never be able to open any of the encrypted files again.

Most ransomware needs to be invited onto your computer.  Hackers do this by tricking you into clicking on a link and agreeing to install it on your computer.  This one was a little more dangerous since once it gets into a local network it can attack any computer that has not been updated with the most current Windows security updates.

All firm computers are configured to update themselves automatically.  This is why you occasionally get notices from your computer that it will need to restart to install updates.  It is very important that you don't disable this function, even if it is occasionally annoying.

If, at home, you are using an older XP computer, or a computer that does not have updates turned on, you are playing with fire.  You are vulnerable not only to this but other attacks as well.  It's a bit like leaving your front door unlocked when you leave for work each day.  Nothing may happen, but do you really want to take that chance?

The firm's primary defense against ransomware is a good backup system.  If our network gets hit with ransomware, we would have to delete all the current file and restore from backup.  Longer term, we hope to put in place a document management system that will protect our files from such attacks, even if some computers on the network become compromised.

To read more about the latest attack, check out these articles from the BBC, NPR, and the Verge.