Written by Brady Maguire
Happy Holidays from MIN-NS. This time of year, there is a lot of atypical email being circulated, which provides a perfect opportunity for malicious senders to sneak their way into your mailbox. Having had personal experience with trying to clean up malware on an infected computer, I can say, it is not a good time for the user or the person cleaning it up.
Specifically, ransomware is a particular flavor of malware that can be a nightmare to deal with. Ransomware compromises systems in one of two ways; by encrypting all of the data on a computer, while storing the key to the encryption on the attacker’s server, or, by completely locking the computer until the ransom is paid. Basically the encryption ransomware takes a picture of the user’s data, chops the data into a million pieces, and holds the picture for ransom money. There is no way to decrypt the data without having the key. Lock screen ransomware locks the computer and displays a message with information about who to pay in order to regain access. A lot of the lock screen varieties display false official or government emblems, trying to make the user believe the government somehow locked their machine. Often times, the best option becomes to just pay the attackers their ransom and get the key to decrypt the data, or unlock the computer, the problem being, there is no way to be sure the attacker will deliver the key. The ransom amount is usually low enough that it is less troublesome to pay the ransom, than it is to lose the data and rebuild the computer’s operating system. Scary stuff right?
The good news is, ransomware is always contracted by user behavior, and if we all are conscious of our behavior, we minimize the risk of becoming infected. Below are some ways to negate the risk of being infected:
- Email: always be aware of what is in your mailbox, if you see something that doesn’t look right, it probably isn’t. The best bet when you contact a suspicious email is to contact IT/IS and ask them to have a look, better safe than sorry.
- Websites: Visiting unsafe or unknown websites can be a risk too. Be deliberate with what you are looking for on the web, and aware of where your browser is going.
- Downloads: in an enterprise environment, always follow policy for software installation, even for the little things. Something as simple as downloading an excel add-in from a bad source could leave your machine infected.
- Links: Clicking links sent in other forms than email can also result in an infection. Same as email, if something is suspicious or out of ordinary, contact your IT/IS department and have them take a look.
We don’t always have to be scared of everything we click, but a constant awareness of what may be out there can go a long ways. Malware is out there, more and more all the time, if we can learn how to avoid it before it happens, we can save the headache and embarrassment that come with a computer being infected. I hope this has been beneficial, above all, Happy Holidays from everyone here at MIN-NS.