Ransomware roundup: What you need to know for 2018


January 12, 2018

blog graphic.png

Ransomware is a form of malware—or malicious software—that prevents you from using your computer and/or encrypts your data to block you from accessing it until you pay a ransom. Some studies say that a small or medium-sized business will be infected by ransomware every 40 seconds! Moreover, 1 in 5 victims who pay the ransom will never get their data restored. Ransomware continues to be a leading threat to businesses in 2018, but you can get ahead of the game by checking out this ransomware information roundup.

Common methods of acquiring ransomware:

  • Spam email containing malicious links or attachments
  • Redirects to malicious websites
  • Botnets
  • Legitimate websites containing malicious injected code


Common signs that you’re infected:

  • A popup that prevents you from closing it and tells you that you must pay to access your content
  • Files that won’t open, or errors such as “Windows can’t open this file”
  • A website or text file that automatically opens and tells you that your files are encrypted

Common methods of prevention:

  • Up-to-date antivirus program
  • Operating system and software patched and updated regularly
  • Don’t use administrator accounts for daily use
  • User education on email spam/attachments

What ransomware looks like

Below is an example of a type of ransomware called CryptoWall, which appeared in the form of a popup on the screen of the infected source:

ransomware graphic.png

What to do if infected

If you suspect that you’ve been infected by ransomware, you should immediately power off the system and unplug everything. Ransomware can easily spread from a single workstation to any accessible media—including external hard drives, network shares, servers, data backups and so on—and cutting the source of power can help stop other sources from becoming infected. Next, contact your managed IT services provider to report the suspected ransomware. Your MSP can work with you to determine what may have been affected, as well as to potentially restore missing data.

Bottom line: Some versions of ransomware will not only affect the workstation that activated them, but can spread into network drives and backups. Because it is so easy to acquire and spread ransomware, you must be careful when clicking links or opening attachments, especially from unfamiliar sources.

In addition to using the tips above, we highly recommend working with an IT professional to determine the best way to regularly back up your data and prevent that data from being hijacked. If you’re unsure about where to start, MyITpros is happy to talk with you about our security services and help you figure out your next steps!

ChayChayCircle2.png Chris Hay, Systems Administrator I 

We're Integris. We're always working to empower people through technology.

Keep reading

All the stats you need to know from the 2018 Webroot threat report

All the stats you need to know from the 2018 Webroot threat report

The 2018 edition of Webroot’s Threat Report shares a glimpse into the discoveries and analysis of threat activity throughout 2017. While the report covers everything from trends in polymorphism to malicious IP addresses to the danger of phishing attacks, check out...

Ask an MSP: What to do when attacked by ransomware

Ask an MSP: What to do when attacked by ransomware

Ransomware: It may sound like something out of the latest “Terminator” reboot, but the risk is all too real. In 2017, ransomware incidents rose by 350%, making ransomware threat No. 1 for business IT support providers. As its name suggests, ransomware involves a...