Yet Another RansomWare

June 28, 2017

Last month we had the WannaCry Ransomware attack. WannaCry was squashed by the discovery of a “kill switch” that killed WannaCry. But now, this month, there’s a new one called Petya. Like WannaCry, Petya has mostly affected Europe. However, it has affected the US. One of the victims in the US was the Pennsylvania’s Heritage Valley Health System. No “kill switch” has been found for Petya yet, but it’s only been a couple of days. Hopefully they will find one and kill it.

We like to keep you informed about this because we have several customers who have lost important data to RansomWare infections. RansomWare doesn’t reveal itself until it’s too late. It works in the background encrypting your files and once encrypted, it reveals itself. At that point, you have two options. You can pay the ransom, or restore from backup.

We strongly discourage everyone from paying the Ransom. Don’t let these criminals profit from their crimes. That’s why it’s so important to have a good backup. But not all types of backups protect you from RansomWare. If you back up to an external hard drive, for example, RansomWare will encrypt that too so you won’t be able to restore from backup.

You need a backup that can restore previous versions of files. That’s why we recommend Carbonite for residential customers and CrashPlan for business customers. These online backup services allow you to restore previous versions of files. This is important because when the RansomWare encrypts your files, those encrypted files are backed up. Even to services like Carbonite and CrashPlan. That’s why you have to be able to restore previous versions of files because the most recent version that was backed up was encrypted by the RansomWare.

But having a good backup is Plan B. Plan A is preventing the RansomWare infection in the first place. That’s where really good security is a must. The best security you can get is through our Security And Maintenance (SAM) plan. Not one computer covered under the SAM plan has ever had its files encrypted. We had one SAM customer who got one of those fake emails from Fedex and opened the attachment. The RansomWare got on his computer, but our security kept it from encrypting his files so all we had to do was remove the RansomWare.

In summary, make sure you have good security to avoid RansomWare, be careful what you click on and what you open, and make sure you have a good backup system that allows you to restore previous versions of files. Do that, you will lessen your chances of getting a RansomWare infection, but if you do, your data is protected.

Leave a Reply