Home » Fixes » How to Avoid Ransomware / CryptoLock

How to Avoid Ransomware / CryptoLock

What Is Ransomware:

In short ransomware or cryptolock threats are a form of malware or virus that either:

  • Locks up your files with a secret password then forces you to pay money to get them back (cryptovirus).
  • Threatens to publish your information if you don’t pay a ransom

They do this by getting a user to click on a malicious link or run an infected application. This application then either encrypts the files on your device or sends them to the person running the extortion. You are then told how to pay to get your files back.

Should you pay the scammers?

Normally no. The FBI and other organisations say not to pay as it only encourages people to keep using this type of extortion. There is also no guarantee that having paid they will do what they have promised to do. However, if you do have something irreplaceable, then taking a chance that they will unlock your files might be worth taking. Extortion only works if the people being threatened believe they might get what they want by paying. Black mailers have a vested interest in making sure people will pay so often do provide an unlock mechanism.

How can it affect your business?

  • Locks you out of your own files until you pay a the criminals a fee
  • May disable the functionality of your computers and systems, leaving you unable to do business
  • Has substantial costs to your business — you may not be able to access data or systems without paying a ransom (with no guarantee the cyber criminal will unlock your files). Clean up costs from an IT expert to find the issue and fix it
  • Privacy breach issues, loss of trust and damage to your reputation in the eyes of your clients

First steps towards being protected

  • Keep your antivirus software and operating system up-to-date as new ransomware variants appear on a regular basis
  • Be wary of unexpected or suspicious emails that contain links or attachments
  • Backup important data and protect it appropriately (or offline) so you still have access to information in the event of a cyber attack
  • Educate staff and instruct them not to open emails or links that look suspicious
  • Do not accept Word or Excel or other MS Office documents unless you need to edit them or know who they are from and that they have sent them
  • Always get clients to send you information using PDF
  • Don’t click on links in files or web pages unless you are sure they are trustworthy.

We recommend using PDF to send out information and encouraging clients / suppliers to do the same. Word, Excel and other office documents can contain malicious code (the latest Sigma ransomware was via Word documents). The only time you should send or receive Word / Excel documents is if you need to edit or change them. If suppliers / clients are sending you documents in word format then encourage them to convert them to PDF first. Never open a Word / Excel / Power-point document unless:

  • You know who sent it
  • And you are expecting it
  • And they have told you it is coming

Even then if it asks you to allow elevated privileges, type in codes or does something a bit peculiar, don’t!

Also be aware, links in PDF documents can send you to malicious sites. Unless you trust the sender, don’t click on them.

Information on how to save your Word / Excel documents as PDF files can be found here – At Microsoft’s site.  https://support.office.com/en-us/article/save-or-convert-to-pdf-or-xps-d85416c5-7d77-4fd6-a216-6f4bf7c7c110