Ransomware is a type of malicious software that blocks access to the victim’s data or threatens to publish or delete it until a ransom is paid. Any action is possible once device or system is infected and there is no guarantee that paying the ransom will return access or not delete the data. Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them. The ransomware may also encrypt the computer’s Master File Table (MFT) or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key.
Electronic devices like computers, smartphones or tablets have become inseparable elements of people’s lives and businesses. They have changed the way we communicate, work, study, buy things and travel. But what if all of a sudden we are refused to use e.g. the computer at our work and we lose the access to our important data that are the basis of the uninterrupted workflow? How much are we capable to pay in order to get our data back? The best solution is not to digress about what to do if we are hacked, but to stay protected.
Ransomware really is as black as it is painted. It puts you in a difficult position, so you should definitely know how to protect yourself from it. Especially when you take into consideration the latest issues with the ransomware cryptoworm named, ironically enough, WannaCry.
About WannaCry – how one worm conquered the world
WannaCry, also known as WannaCrypt or WannaCrypt0r 2.0, is a ransomware type of malware targeted mainly at computers with Microsoft Windows, created by a group named Shadow Broker, who sent a malicious code on an auction somewhere in the pit of dark net.
The WannaCry attack was lately a massive cyberattack with approximately 300,000 victims worldwide, among which most victims were public institutions and offices (e.g. the NHS, an English healthcare system, FedEx, Renault, Nissan or Megafon). According to experts, WannaCry was scanning local networks while also encrypting the data, later infecting all the systems in the network that were not also updated (and therefore contain system bugs used by hackers). That is the reason why it spread all over the world so fast.
WannaCry encrypts the data and forces to pay the ransom via Bitcoin. What is worse, the ransom payment process is so complicated (and manual!), that it’s actually difficult to unlock the files, because hackers need to approve all cases of data decoding. In other words, even if a victim pays, it does not mean that a computer will be restored.
WannaCry hackers have already said that was just a beginning, and they will introduce new malware to further spread their ransomware worms. And users can now clearly see that it just a matter of several hackers and some unpatched, not updated and old operating systems to block even big a multinational delivery services company. How to protect yourself from such attacks then? Here’s our safety decalogue:
Keep your operating system always updated
Update your browser and plug-ins
Use pop-up blockers
Review your digital assets
Invest in an anti-virus with a real-time virus scanner
Grant permission to access your files only to authorized users
Don’t download and install attachments from unknown sources
Don’t use unauthorized applications
Keep secured copies of your data
Don’t forget about regular backups of your critical data to off-site locations
Bring ransomware down a peg with Open-E JovianDSS
As it has been described, the first line of protection against malicious software is to stick with a set of safety habits. Additionally, you should regularly back up all your business data. Generally, companies of all types should invest as much as possible in reliable backup mechanism.
Open-E JovianDSS reaches the data protection against ransomware expectations of all businesses of all sizes thanks to its Off-site Data Protection feature. This feature enables creating automatic snapshots of all your data and keeping them as multiple copies of data at different point in time and additionally asynchronously replicating them to either local or remote destinations as a backup. The rotational-snapshots and replication in Open-E JovianDSS are created according to an advanced retention-interval plan that can be set according to specific user needs. In case of a ransomware attack (or other disaster), your crucial data can be restored instantly from one of multiple snapshot or off-site backup copies.
So far, the Off-site Data Protection feature can be managed via the Command Line Interface (CLI). Stay in touch with Open-E as soon the feature will also be available via GUI, which makes the whole backup process easier and faster than ever. In the meantime, use our how to guide to set up Open-E JovianDSS Off-site Data Protection and High Availability .