As many of you already know from news reports, this ransomware has spread rapidly since last Friday and affected hundreds of thousands of systems worldwide. So far, it seems to primarily be spread through e-mail attachments, and affects Windows PCs and Servers. Once it has been downloaded, it encrypts the files on the affected system, as well as any other files it can reach through the network, such as mapped server drives, and pops up a ransom demand. It’s difficult or impossible to recover your data once it has been encrypted, so this a very serious issue.
On the bright side, it is extraordinarily unlikely to affect most of you as long as your systems are up-to-date. Microsoft released a patch back in March that fixes the security flaw this ransomware takes advantage of, so if your PCs have the latest Windows security updates and patches you shouldn’t be affected even if you were exposed.
Ransomware has been circulating widely for several years now, and will likely continue to be an issue for the foreseeable future in one form or another, so there are a few things you should consider with regards to this issue, and others like it.
- Making sure your PCs and servers have the latest security patches. This is critical – if you aren’t sure this is happening, please let me know so we can verify.
- Downloading attachments is hugely problematic – most viruses and ransomware are spread through attachments at this point. If you are not expecting an attachment don’t open it, even if it is from someone you know – they may have been infected and their PC may be sending out viruses without their knowledge. If you aren’t sure but think it may be something you want, give the sender a quick call and verify that they intended to send you something. Also, consider sending files using a file sharing service like Dropbox or Sharefile rather than sending as attachments. These services are much more secure.
- Good antivirus and spam filtering can dramatically reduce the risk of these types of issues – nothing offers perfect protection, but making sure you have up-to-date, quality virus protection greatly reduces your risks and an offsite spam filter can stop most viruses before you download them in the first place.
- Have an offsite backup. If you don’t already, consider a cloud backup service like Carbonite. If you do get infected, ransomware can encrypt your backup drive(s) as well as you actual PC and server, rendering your backups useless. It is critical to have an offsite backup. I like Carbonite because it’s secure, HIPAA compliant, and runs automatically without the hassle of a staff member having to remember to swap backup drives and make sure one gets offsite. However you are doing it though, it is absolutely critical that you have an offsite backup of your data.
That’s about it for now. Be careful out there with your downloads and attachments, and as always, please let me know if you have questions.