Ransomware is in the news a lot but most people don’t realize what it all means. For a long time, businesses and government have used file encryption to protect sensitive data from unauthorized access. A brief description of file encryption is a program scrambles the contents of a file using a “key” which is a small piece of data like a code word or number as a pattern for scrambling the data. This is done in a way that makes it virtually impossible to return that document to a usable state without using that same key to decrypt it. This is very useful in transmitting data across the internet where cyber-criminals can eavesdrop on data transmitted this way and your sensitive data is no longer secret. With encrypted data, the key is pre-shared separately from transmission of the data so the person with whom the key was shared will be able to easily decrypt and use the information sent to them as an encrypted file over the internet. This doesn’t stop cyber-criminals from being able to capture that information, but since they don’t have the key, there’s absolutely nothing they can do with it. It’s a very effective way of keeping confidential information secure on an internet that really not secure.
Of course, the cyber-criminals have found a way to exploit this technology for bad purposes. Enter ransomware which is a virus that attacks your computer and encrypts all of your files using the same technology I just described, with the significant difference that they don’t share the decryption key with you and it’s impossible for you to decrypt your own files without that key. That key is the object of the ransom. You are required to pay them a ransom, in return for the key to decrypt your files. This is typically via BitCoin since BitCoin is untraceable and the amount varies, typically much higher for businesses. For most people, just the logistics of paying by BitCoin is a huge challenge and it is not uncommon for the culprits to take your money and not give you the key so even after going through all the trouble, you’ve still lost your data. An attack on an individual where you are never able to recover those irreplaceable photos is deeply distressing and for most businesses, it can put them in a position from which they can’t recover and ultimately go out of business.
Getting hit by ransomware is a huge problem, even if you’re prepared for it. Once you’ve taken all the precautions you still have to go through a recovery process but at least you are able to get back to normal. If you’re not prepared, you can get back up and running but you start with nothing. A good backup is your most important defense, but even that requires steps beyond a normal backup because the ransomware creator knows this and targets your backup, as well. Even files you have password protected or even encrypted yourself are not safe, the only way you are truly safe is if you have your files backed up where the ransomware can’t touch them A simple defense is to have an external backup drive that you connect to backup your files and then disconnect when you are done. If you do this, make absolutely certain that you safely disconnect the drive before removing it or you risk corrupting that backed up data so it won’t be usable if you need it. It’s always good to have a backup but keeping it attached only when you are backing up, is a crucial step with this new threat.
There is still a problem with this approach. Even if you embrace it wholeheartedly, you’re pretty likely to forget at some point, even becoming severely complacent. In the past, you could attach the drive and configure your backup in a set it and forget it, model. This requires diligent action and most people will just forget and go for months with no backup. We have a variety of very practical approaches that not only allow you to safely have an unassisted backup but improve your overall backup strategy for conventional backup needs as well as give you strong protection against ransomware. The options vary a lot with individual configurations so the best option is to just give us a call so we can tailor the best solution for your need.