what I need to know about ransomware
ransomware is in the news again in South Africa. City Power in Johannesburg have become victims and have lost access to their systems as a result. this is already causing problems for people who cannot purchase pre-paid electricity and is a stark reminder that just because someone runs critical infrastructure does not mean that they do everything properly.
Ransomware is a type of malware or "virus" that encrypts whatever it can on your system and demands a payment to provide the encryption key. although this would sometimes be provided, firstly you don't know that you will ever get your files back and secondly, you would be encouraging the criminals to continue their work by paying them.
firstly, you should avoid the ransomware risk in the first place. be very strict about the use of non-approved usb sticks, the use of work systems for personal use and in training people about the risks of malware dressed up as legitimate or entertaining email messages or im chats.
secondly, you must always have your systems backed up. if you lost all your systems to ransomware then you should easily be able to recover it. backups are cheap and relatively easy so no excuses!
thirdly, do not use a third-party to unlock your files for a fee, they will very possibly pay the attacker a smaller amount and pocket the difference. Any legit companies will both prove they can decrypt the ransomware and very often for free or very little.
fourth, install anti virus and make sure it stays updated. they can't always catch the very latest malware but it doesn't take long for the programs to update after a new virus is spotted and added to the dictionary.
fifth, your systems absolutely need to be segmented. why would an office machine have access to other important systems like database over a network share? at most an app would have a database connection but that wouldnt allow ransomwae to do anything. segmentation is so easy and is built into most modern network switches.
lastly, play out what would happen if your systems were all encrypted by malware. literally what would you do and how would you do it? how long would it take? a little effort up front could save you not just embarrassment but possibly the future of your company.
Ransomware is a type of malware or "virus" that encrypts whatever it can on your system and demands a payment to provide the encryption key. although this would sometimes be provided, firstly you don't know that you will ever get your files back and secondly, you would be encouraging the criminals to continue their work by paying them.
firstly, you should avoid the ransomware risk in the first place. be very strict about the use of non-approved usb sticks, the use of work systems for personal use and in training people about the risks of malware dressed up as legitimate or entertaining email messages or im chats.
secondly, you must always have your systems backed up. if you lost all your systems to ransomware then you should easily be able to recover it. backups are cheap and relatively easy so no excuses!
thirdly, do not use a third-party to unlock your files for a fee, they will very possibly pay the attacker a smaller amount and pocket the difference. Any legit companies will both prove they can decrypt the ransomware and very often for free or very little.
fourth, install anti virus and make sure it stays updated. they can't always catch the very latest malware but it doesn't take long for the programs to update after a new virus is spotted and added to the dictionary.
fifth, your systems absolutely need to be segmented. why would an office machine have access to other important systems like database over a network share? at most an app would have a database connection but that wouldnt allow ransomwae to do anything. segmentation is so easy and is built into most modern network switches.
lastly, play out what would happen if your systems were all encrypted by malware. literally what would you do and how would you do it? how long would it take? a little effort up front could save you not just embarrassment but possibly the future of your company.