I have been writing for two years for the Jewish Link of New Jersey. It’s really humbling when I go to a bar mitzvah and hear everyone at the table say they have read my column. It is really my honor to write for such a great paper.
Out of all of the columns I have written, it’s surprising to me that people mostly give feedback on the free streaming options to get rid of your cable TV or holiday bargain websites.
I have never received one email about ransomware, but I should! There has been a huge spike in ransomware. Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through untraceable online payment methods. Rumor has it that the NYPD was hit and actually paid these criminals.
Ransomware hackers live in the part of the Internet called the “Dark Net.” This is an area that Google does not get hits for. Here are the steps that occur:
1. Files get hit with ransomware.
2. User opens files and there are instructions as to what happened to you and how to pay.
3. The pay options are in Bitcoin. The price starts at $500 per week. Every week you don’t pay will cost $500 more. Bitcoin is completely untraceable. I assure you these criminals will not get caught.
4. Every time you click a file, the ransomware will grab the important files—databases, QuickBooks, everything you need. You will see the extensions that will end in ccc. It will spread to whatever drive the crypto virus resides on.
5. Hackers will send your files via the Tor network to their servers.
6. Files are encrypted with a key that only the hackers have. The files cannot be recovered. Viruses cannot be removed. No anti-virus software is able to remove this cryptolocker.
Recently, one of our new clients, who had an older system and no backups, got hit. This becomes a financial issue as well.
I’d advise everyone to check their business insurance and see if there is coverage for these kinds of incidents. Note that insurance companies will not pay ransom but will pay to get your business as it was pre-crypto. I spoke to one of the third-party adjusters and he told me they are getting 25 calls a day regarding crypto/ransomware. Many adjusters are privately telling companies that they have no choice but to pay ransoms.
If you are unsure whether you should make a claim, you can call my office at (201) 379-9234. We have a full-time attorney and can provide expertise on this kind of attack.
I strongly suggest you do not pay these people. Once paid you are supporting people who could be terrorists, drug dealers or worse. These are not a bunch of teenagers in their parents’ basements.
Here is the deal: Do not be fooled and think you have an I.T. group or person who can remove the crypto virus. It’s not possible, and the criminals know this. It is one of these situations that can place you in a bad place either way: Either you pay these criminals and risk getting your files back in pieces or not at all, or your files are not recoverable with the crypto lock on them.
Most importantly, if you are not backing up your files daily, you will get hit. If you have no firewall at your office, you will get hit. No current anti-virus? You will get hit.
The backups should not be kept only on an external drive, as the crypto virus will infect mapped drives, shared drives, USB and external drives.
The backups should be in a good cloud backup that is encrypted and something called “versioned.” Versioned means that if you have an outage and need to restore, your files can be restored to an exact date that you remember being without the virus. Your IT professional should be well versed in backups. At GCG we live, breathe and eat data backups. At least a month’s worth of data should be able to be recovered to its exact state. Hence, daily encrypted backups are critical.
The backups should be monitored every night.
Keep a USB drive copy of your most critical files. Put the key in a safe deposit box and/or a fireproof safe. Scan all of your passports, driver’s licenses, house insurance, car insurance and birth certificates. These documents may be needed to order new ones.
Ransomware really is horrible and the lowest form of hacking. There used to be some sort of code to hacking. These guys are criminals; their aim is to put people in a tough spot. It’s not my style to say there is no answer. But in this case, it’s really miserable.
Of course, the anti-virus companies and the government will be on top of this and will eventually come up with a solution. IT professionals are constantly reading to stay ahead of the hackers, though currently there is no program or group one can hire to recover ransomware crypto-locked files.
All I can say is the following: Back up often. Back up daily.
If you have any questions or comments, Shneur Garb can be reached at [email protected]. Shneur is the CEO at The Garb IT Consulting Group in Teaneck, N.J.
By Shneur Garb