It nearly sounds as if it’s out of a movie. Picture it: You boot up your computer, only to discover that all your files have disappeared — and a stranger is holding them hostage until you fork over some dough.
It’s one of the latest threats to your network and, unlike with many cyber threats, the culprits openly taunt you over what they have done.
In fact, not only do they make no attempt to keep their presence a secret, they all but fire a flare to announce the break-in, taking the extreme step of encrypting their illicit haul and posting a digital ransom note demanding payment for the password.
Take a moment to think about all that is stored on your network’s computers. Frankly, it’s probably a treasure trove and the perfect target for one of the latest computer crimes.
Why? Because the criminals know you’ll do just about anything to get it back. The real question is, ‘How much are you willing to pay?’
Upon entry into your computer, hackers use software to lock up files so tightly that they won’t open again until the owner agrees to pay a ransom. As with most other scams, hackers can infiltrate a computer system through a phishy e-mail or attachment. But most often, this new scheme works because someone left a virtual door unlocked: specifically, they permitted remote access to an unpatched Microsoft Windows server using RDP (Remote Desktop Protocol) over the Internet. RDP is often used to give travelling employees access to specific applications back in the office, and is sometimes also used by IT outsourcing companies to manage their clients’ servers and networks.
Once the hackers have scanned your internet presence and found the open port, they are in control of your servers and the data stored on them. And that’s when a couple of new files pop up and you see a message leading you to instructions — in the form of a ransom note — that explain how to get your files back.
While experts say you should never pay the ransom, what is one to do? Well, for starters you can do something now.
Anti-virus and anti-spyware programs are only one line of defense in the full arsenal it now takes to safely permit remote access to your systems. Firewalls and VPNs, along with IP reputation software, are critical to ensuring that your systems are accessed only by authorized visitors.
And, of course, always back up your files off-site.
Looking for solutions to enhance your network’s security? Email me…I can help!
Rick Mark
rmark@singerlewak.com