Just a quick heads up.
I just got off the phone with Dominic from the ABC Mid North Coast News Room. He interviewed me about the effect that Ransomware was having on local business and households.
It sound like the interview will run some time between breakfast and Lunchtime tomorrow(14/02/2018).
Here’s a link to the ABC Mid North Coasts website, a full version of the interview will be posted here. Click Here to Go to ABC Mid North Coast
In the meantime here is a general run down on what we will be discussing. It’s not just for business. It’s for anyone that values the data that resides on their computer.
Ransomware: Protect your IT or pay the price
You’ve probably heard of ransomware. It’s the malicious software that’s easy to download, but very difficult (and costly) to get rid of.
And, it may be coming to a PC, phone or other smart device near you.
At least four of my Port Macquarie clients – an accountancy firm, a medical specialist, auto parts retailer, and a home based share trader – collectively had to pay over $30,000 in ‘ransom’ recently to get back data locked up by digital extortionists who targeted them at random.
Backing up data to one or more external USB drives will not stop ransomware. The only way to guarantee your data is protected is to use a NAS (Network Attached Storage) system, a small file server that uses encrypted usernames and passwords to protect data. More on NAS solutions later.
Here’s how ransomware works
Ransomware software is typically embedded within a harmless looking email. The software disables a computer’s antivirus software and backup systems before effectively holding the data ‘hostage’ with an unbreakable 512-bit digital encryption key.
With the data securely locked, the attacker demands a ‘ransom’ in return for the key that will release it.
The ransom is usually paid in bitcoin because the digital currency’s trail is difficult to follow.
There was nothing I could do
Although the accountancy firm was not my client, I was engaged to assess the damage.
And, for the first time in my 20-year career in IT, I had to tell someone that there was absolutely nothing I could do.
It was very traumatic: I felt like I was telling him that there had been a death in his family.
His accountancy business had effectively disappeared. His client’s files, ATO applications, business accounts, the work templates he’d built up over years… everything was locked up and there was no way to unlock it without paying the ransom.
Just the ‘tip of the iceberg’
Initially working day and night, it took me six days to assess the scope of the attack, help to arrange payment and secure the encryption key that unlocked the data.
And, the truly scary thing is this: Once the ransom is paid, there’s no guarantee the key will be sent. Many companies have been left out of pocket and with no way to access their files.
I reckon these four were the tip of the local ransomware ‘iceberg’. It’s likely there have been – or will be – other local victims.
Arrange for a security audit
All computer users – not just business owners – should have strong passwords on all network accounts and be vigilant checking emails they receive. You should:
- Scrutinise new emails while they are still in your inbox.
- Check the sender’s address before opening it or clicking on any web links within it.
- Get me to conduct a thorough security audit to determine if you need to take additional precautions and advise on how best to protect your network and data.
The people who make malicious software and Trojans are well aware of the security measures IT professionals like me can take. They adapt their malware viruses to counter the safeguards we devise and, although the IT industry is constantly trying to come up with ways to stay ahead we, are not always successful.
The solution that beats ransomware
The cost of the NAS, installing the software that runs it and the dual 4TB hard drives that make up the solution is around $1650 for a single desktop, and $150 for each additional computer. For companies running a server, an NAS solution costs around $2800, depending on the hardware required.
Depending on configuration requirements, the NAS runs two 2TB or two 4TB drives that are specifically designed to run around the clock in a NAS environment. Hardware or backup failures, intrusion attempts, and maintenance notifications are sent via email to the network manager.
The NAS also has three USB 3.0 ports. Whenever an external drive is connected to a port, all backup data is automatically copied to the external drive from the NAS. Once the copy/transfer is complete, the user receives a notification email telling them the drive can be removed from the network – ideally to a separate location.
This procedure guarantees safe data backup, proactive notification, and offsite and onsite protection.
Need more advice on protecting your date from malware? Give me a call directly on 0419 197 171 or call the office on 6583 9290.
Home & Office Computer Solutions