Important Notices & Announcements

Scheduled Third Party LNP Black Out Dates #20171007002

Monday, October 16, 2017 through Sunday, October 22, 2017

Scheduled Third Party Maintenance #20171007001

Sunday, October 8, 2017 between 1:00 am - 6:00 AM EDT

Planned Maintenance Notice #20161113001

Sunday, November 13th, 2016 between 3:00 AM - 6:00 AM EDT
Sunday, 10 April 2016 15:58

Ransomware alert issued by US and Canada following recent attacks

Rate this item
(1 Vote)

Every week seems to bring news of another case of ransomware.

It’s nasty stuff. Nasty enough that the US and Canada on Thursday issued a rare joint cyber alert warning about the recent surge in ransomware attacks, in which data is encrypted and crooks demand payment for it to be unlocked.

The plague doesn’t appear to be going away anytime soon. Why should it? It’s proving a lucrative swindle for cyber thieves.

Enabling the ransomware plague is the fact that many people and businesses aren’t protecting themselves by locking down their computers and files.

If you do get infected with ransomware, unless you’ve got back-ups or the crooks made some kind of cryptographic mistake, you’re left with either paying or losing your locked-up files forever: a prospect that’s caused many to pay up.

From the alert, distributed by the US Department of Homeland Security and the Canadian Cyber Incident Response Centre:

Infections can be devastating to an individual or organization, and recovery can be a difficult process that may require the services of a reputable data recovery specialist.

The alert provides these preventative tips to protect your computer and your networks from ransomware infection:

  • Back up your data, preferably on a separate device, and store it offline. That will keep your data safe not just from extortionists but also from natural disasters, such as floods and fires.
  • Use application white listing to help prevent malicious software and unapproved programs from running.
  • Keep your operating system and software up-to-date with the latest patches. Most attacks target vulnerable applications and operating systems.
  • Maintain up-to-date anti-virus software, and scan all software downloaded from the internet prior to executing.
  • Restrict user permissions for installing and running unwanted software applications, and apply the principle of “Least Privilege” to all systems and services. Doing so may prevent malware from running or limit its capability to spread through the network.
  • Avoid enabling macros from email attachments. Macros are how the Locky strain of malware got its hooks into systems: An email contained a document advising the recipient to enable macros, which then triggered malware-installing code to run. The governments’ warning suggests that enterprises or organizations might be better off blocking email messages with attachments from suspicious sources.
  • Don’t click on links in unsolicited email. For that matter, take care when clicking on links in an email that looks like it comes from somebody you know. As Mattel’s $3 million brush with CEO mail scams shows, crooks have gotten good at convincing you their scammy notes are coming from your boss.
  • Prevention’s all well and good. But what do you do if you’ve already gotten zapped?

Do not pay, the alert said, unsympathetically enough:

Paying the ransom does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information. In addition, decrypting files does not mean the malware infection itself has been removed.

As a matter of fact, that’s what we have also advised. We don’t want to see money going to crooks. This is entrepreneurship we’d rather see starve.

So please, for the love of your precious data, don’t leave yourself vulnerable.

Like Canada and the US are urging, back up, patch, choke your login power, don’t click on unsolicited attachments, and don’t enable macros in document attachments that come in emai

Read 624 times

Media

Login to post comments

Highly Qualified And Friendly Support

We provide 24/7 service and support through a combination of online help, live operators, and our On-Call Technicians that come to your site when you need us.

Look at what we do for you!

  • Manage and maintain everything
  • Unlimited local and long distance
  • Easily add remote offices and mobile workers
  • Make moves and changes online
  • Free moves, adds, changes

Tons Of Useful Built-In Features

  • Toll Free Numbers
  • Call Forwarding
  • Call Screening
  • Caller ID
  • Voicemail to Email
  • Voicemail
  • Music-on-hold
  • Conference Calls
  • Cloud based
  • Many more features...