Ransomware: Disaster Prevention and Recovery

6th May 2016

As the war on cybercrime continues, here’s a bit of info for you all on the latest crop of computer viruses and malware doing the rounds. Be warned: some of these are particularly nasty and could easily cause your business and/or home PC some serious problems.

Most businesses will have multi-layered security systems in place with which to mitigate these issues (we hope!), but it is unlikely that users have this protection domestically, so some information and advice will surely be of value!


One of the currently favoured methods of attacking people is to instigate what is called a ransomware attack. Once deployed, this virus will delete any backups you have stored locally, then begin encrypting your laptop with an unbreakable encryption algorithm.

It will then proceed to attack any network-attached folders/shares that it can see and start encrypting those too. On completion, it will present you with a screen stating that your system has been encrypted and that the only way to decrypt it is by paying a ransom (hence the name ransomware).

The ransom normally takes the form of a Bitcoin (or part of one), which, for those who don’t know, is an untraceable electronic virtual currency. Bitcoins are traded on Bitcoin exchanges and have their own exchange rate, just like Pounds and Dollars. Most ransoms are equivalent in value to between £200 and £1000.

If you decide to pay the ransom, there is a chance that the hacker will send you the encryption key, allowing you to decrypt your data… then again, they may not, and just keep your money – they are criminals after all.

Disaster Prevention

Common Sense: The most commonly deployed method of getting malware/viruses onto a PC is via user interaction, and email is the perfect platform for this. We strongly advise our customers to remain very suspicious of emails that they don’t recognise, especially those with attachments, as opening them could deploy the virus.

It is very easy to be curious about an email that may appear to contain something interesting. This is generally how hackers work: by trying to entice you with something.

If you’re suspicious at all, resist the urge to open the email!!

The other common way to get viruses on your machine is via websites that are either dodgy, or have been hacked themselves. The obvious advice here is to be sensible about what websites you visit. Be wary about clicking dynamic adverts that seem too good to be true – they generally are!

Peer2Peer: If you use any type of Peer2Peer (P2P) sharing and/or BitTorrent to download films and music, you are very much at risk of compromise, as this is a simple way to package viruses. Obviously you won’t be doing this on your work PC, as this will generally be a breach of corporate IT policy.

Security Software: Make sure you have an up-to-date antivirus software package installed. Ensure that your Windows firewall is turned on at all times and, if you have a hardware firewall, that it is also secured and not left in its default configuration.

Updates: Make sure all software is running the latest versions - especially Windows!

Disaster Resolution

Backups: Make sure you have good regular backups. If you are unfortunate enough to get hit by Ransomware, the only reliable way to get your files back is by restoring from a backup.

There are lots of very good – and cheap – backup solutions available which, when coupled with a removable drive or a NAS, can regularly back up your valuable data. We recommend Acronis as a powerful and fairly cost-effective option.

For additional security, we recommend that you don’t keep your backup drive next to your PC as, if it is stolen or something happens to it, your backups will go too.

If you need any further advice or assistance please get in touch - we're here to help!

What Next?

If you are planning to deploy an enterprise-grade wireless network or are experiencing problems with an existing setup, please feel free to contact Ensign Communications for a chat with our technical team.