Ransomware – the crypto virus

Ransomware is a huge pain in the butt! Most of you have heard of the crypto viruses and some have unfortunately had to deal with them. Here’s a bit of information that may help you protect yourself from these nasties.

What it is:
The most common way to get infected by a crypto virus is by opening an attachment in your email which contains malicious code. Typically it will be an office document with macros imbedded.
After the macro runs, it installs a virus on your computer that will reach out to any files and folders it can find and start encrypting the data. Encryption is a process of scrambling a file so that it is unreadable and it can only be decrypted using a special key or passphrase. Of course, if you get the crypto virus, the people who made the virus do not share the decryption key with you. They will then charge you money in order to give you the decryption key. That is why it’s called ransomware… because they are holding your information for ransom.

How to deal with it:
We have a few ways to deal with ransomware and we recommend you have all of these in place.

  1. Proper backups, both local and offsite. We have seen the crypto virus encrypt data on a backup drive plugged into an infected computer, so you need to have an additional offsite backup of all your data to be safe. Restoring data can take some time, and some backup systems are way faster than others. Please contact us if you want some help checking or setting up your backups.
  2. Proper antivirus for your computer as well as your email. Once again, please contact us if you would like help setting up or checking the health of your antivirus. Please beware, new versions of crypto come out all the time and it takes time for the antivirus systems to update their definitions. No single antivirus system is perfect.
  3. Don’t open the questionable documents attached to email. Please be very careful with this. If you get an email that you are unsure of, delete it!

TCR is committed to helping our clients and community to avoid the crypto virus. For more information, please contact us. Thank you!