Back up your data daily. It is best to use an external drive or a cloud-based service such as Dropbox or Google Drive for your backups.
I encourage you to use the KnowBe4 Cyber Security Training. There are options for both personal PC users and corporate offices. Also, for anyone who has a PC Matic subscription, this training is FREE.
Update all software applications as soon as the updates become available. You can do this manually, or for home users PC Matic will do it for you. For business users, Tech Sentry Endpoint Suite includes a patch management feature.
Whitelisting allows only safe programs to execute, effectively blocking ransomware, polymorphic viruses, advanced persistent threats (APTs) and zero-day attacks.
Fox News reports that there is a rash of ransomware hitting the United States. These attacks will only continue to grow in intensity and frequency, and that's why we put together this Ransomware Survival Guide.
... and it's not just consumers being attacked. Corporations, small businesses and even government agencies are having their computer files held ransom - even local police!
Watch the video for a Fox News Special Report on Ransomware.
"We're making a lot of progress, but like many other types of crimes... we're not there yet. It is still a problem. We clean up one, and another one shows up on the market."
Ransomware originated in 1989; however, it wasn't until 2008 that the trend began to truly expand. It was then that hackers began falsely identifying themselves as the FBI and demanding payment of a "fine" for "illegal activities". Unfortunately, the hackers learned how lucrative ransomware could be, and it has been on the rise since. The last twelve months have shown the most growth in ransomware since its origination in 1989.
Ransomware continues to increase in popularity for two reasons: 1) victims are paying the ransom, and 2) advances in technology are making attacks easier. Regardless of the type of ransomware, the overall concept remains consistent: extort the PC user by encrypting their most important data.
If you have the FBI virus or one of its variants, then any of the reputable security products, including free ones such as Malwarebytes, should be able to remove the virus and restore normal computer operations.
If you are getting a Crypto message, it means that the encryption has already been completed and the files are now lost.
Crypto uses a sophisticated encryption technique and there is no known decryption tool. If you have a recent backup, then use the backup rather than pay the ransom.
Without a backup, the only option to recover the files is to pay the ransom.
Ransomware demands payment in Bitcoins, and the cost has been known to vary from $500 to $10,000. A heated debate in the security industry is whether ransoms should be paid. When the ransom is paid, it feeds the ecosystem, almost guaranteeing that the attacks will increase in frequency and severity.
Businesses run larger risks than home users. A business's documents are more crucial to its operations than personal documents are to an individual. Crypto variants encrypt files across a corporate network, exponentially increasing the damage. Reports show that businesses are more likely to pay the ransom than consumers.
You've just been hit with ransomware. Your entire world has been turned upside down. This guide will steer you through a ransomware attack.
You have been attacked because a lot of people and companies before you paid the ransom. This has allowed the cyber terrorists to invest in increasingly sophisticated attacks, until they got you in their net. If you are a business, you weigh the cost of the ransom against the cost of losing your data. The problem is that paying the ransom imposes a cost on the rest of us: it makes the enemy stronger and more confident. Of course some must pay the ransom, but first do everything in your power to return to normal operations without paying it. Or perhaps consider just biting the bullet, losing your files and moving on with life.
If you have been infected by ransomware, then a crime has been committed. The perpetrator is anonymous and from a foreign country, and payment is made in Bitcoins, which further protects the criminal's anonymity. All that said, you should contact the FBI. I don't think that the FBI can find the criminals and bring them to justice, but at least we can get an idea of the magnitude of our problem. The FBI reported that ransomware payments in 2015 were $24M, and that number jumped to over $200M in Q1 2016. That is only what has been reported to the FBI. Most people don't know to report to the FBI, and some who do are too embarrassed to report their attack. We need a better idea of the magnitude. However, even with just the FBI numbers we have, the trends are alarming.
You have been impacted because your security software has not seen this strain of ransomware before. You need to advise your security software company that you have been infected, and they will then retrieve the ransomware from your computer and add this strain to their black list. More importantly, all black list security vendors have sample sharing arrangements. Once the strain is on your security vendor's black list, it will, over a short period of time, appear on the black lists of all the other black list security vendors. This will prevent that particular strain from spreading and infecting other innocent people. It will force the cyber terrorists to create a new strain of ransomware.
You are in this mess because your antivirus has failed you. You should drop it and choose another one. The vendor will try to deflect and blame the ransomware on you. Obviously, you or one of your employees clicked on something they shouldn't have clicked on. Obviously, you should have had backups. But that does not change the fact that the product should have identified and prevented the attack in the first place. Not all black list security products are the same. In fact, some are frighteningly bad at detecting new threats like ransomware. By dropping your incumbent security vendor, you will be sending them a message that failing to detect a ransomware file is unacceptable. Now you need a new antivirus product. Which one should you choose? It is harder than ever to choose a new one. Now that you have been hit with ransomware, you want a security product with good detection rates. Perhaps one of the best places to look is independent tests. Some of the larger and more respected tests are Virus Bulletin, AV-TEST, AV-Comparatives and SE Labs. If a product is not participating in public tests, a safe assumption is that the vendor doesn't want its detection rates to be known. Ask your friends and colleagues what products they have used.
The world is changing, and things once thought to be safe are no longer safe. One great way to keep abreast of the latest tactics the terrorists are employing is security awareness training. Our partner is KnowBe4, and whether you are a novice or an expert, you can benefit from security awareness training.
If you looked through the latest independent tests, you will have found that only PC Matic consistently wins. In fact, as of this writing, we have won two tests in a row. The reason is that PC Matic does not protect using a black list of known bad files. PC Matic tracks a list of known good files. If it is not known to be good, then PC Matic blocks it from executing. That includes ransomware and almost any other modern attack.
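The difference between the black list and known-good list approaches described above, as an added example that is not PC Matic's or any other vendor's code: both lists are modelled as sets of SHA-256 hashes (an assumption; the page does not say how either kind of product identifies files), and the "files" are constructed, harmless byte strings. It also shows the trade-off of a known-good list: a legitimate program that is not yet listed is blocked until it is added.

```python
import hashlib

def file_id(data: bytes) -> str:
    """Identify a file by its SHA-256 hash (assumed identification method)."""
    return hashlib.sha256(data).hexdigest()

# Constructed, harmless byte strings standing in for executable files.
SAMPLES = {
    "known_good_app": b"constructed sample: text editor, build 1",
    "known_strain": b"constructed sample: ransomware strain A",
    "new_strain": b"constructed sample: ransomware strain A, repacked",
    "unlisted_update": b"constructed sample: text editor, build 2",
}

BLACK_LIST = {file_id(SAMPLES["known_strain"])}    # known bad files
WHITE_LIST = {file_id(SAMPLES["known_good_app"])}  # known good files

def black_list_allows(data, black_list):
    """Default allow: run anything that is not known to be bad."""
    return file_id(data) not in black_list

def white_list_allows(data, white_list):
    """Default deny: run only what is known to be good."""
    return file_id(data) in white_list

def report_sample(data, black_list):
    """Model of a victim reporting a strain: its hash joins the black list."""
    return black_list | {file_id(data)}

def compare(samples, black_list, white_list):
    """Return {name: (allowed by black list, allowed by white list)}."""
    return {
        name: (black_list_allows(data, black_list),
               white_list_allows(data, white_list))
        for name, data in samples.items()
    }

if __name__ == "__main__":
    for name, (bl, wl) in compare(SAMPLES, BLACK_LIST, WHITE_LIST).items():
        print(f"{name:16} black list: {'run' if bl else 'block':5} "
              f"white list: {'run' if wl else 'block'}")
    updated = report_sample(SAMPLES["new_strain"], BLACK_LIST)
    print("new_strain after report:",
          "run" if black_list_allows(SAMPLES["new_strain"], updated) else "block")
```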
Our customers do not get infected.
Once you are a PC Matic owner, your work is not done. Although you will be protected from ransomware, the terrorists will not stop attacking the unprotected. We need you to become a fanatic and tell all your friends, colleagues, relatives and the IT staff at your place of work to get PC Matic or Tech Sentry.
Become a PC Matic Fanatic.