FBI Directions for Victims of Ransomware
Last week the FBI issued a Public Service Announcement directed to victims of ransomware. They requested that anyone infected with ransomware report the details of their attack so the FBI can develop a more comprehensive view of ransomware’s impact on the US economy. The PSA goes on to give very specific advice of what computer users should do to both avoid and recover from an infection.
What is ransomware?
Ransomware is a type of malware that encrypts the files on an infected computer so they cannot be accessed. Once the files are encrypted, the owner is notified that unless they pay a fee (here is the ransom part), usually in untraceable bitcoin, they will be permanently locked out of their files. The story is that if you pay the fee the files will decrypted. However the story sometimes doesn’t end there. If you do pay, you are can be put on a list and targeted again as being both vulnerable and a soft touch. The FBI reports that between April 2014 and June 2015 victims reported losing $18 million to just one ransomware variant called CryptoWall!
There are very few things you can do after you are affected by ransomware if you haven’t taken precautions. Virus scanners provide protection against only well-known ransomware versions but are useless against new or slightly modified variants. The only real protection is to have a data backup and recovery program so that you can roll your system back to a recovery point before the infection occurred.
We are pleased to see that the FBI is recommending the exact same steps Unitrends has been promoting for years. The specific FBI recommendations are:
- Regularly back up data and verify the integrity of those backups. Backups are critical in ransomware incidents; if you are infected, backups may be the best way to recover your critical data.
- Secure your backups. Ensure backups are not connected to the computers and networks they are backing up. Examples might include securing backups in the cloud or physically storing them offline.
Unitrends has deep experience with helping organizations recover from a ransomware attack. One of our customers, Life’s Abundance, a maker of pet products and services used their Unitrends Recovery Series Backup Appliance to beat a ransomware attack in less than two hours. We also offer Unitrends Cloud for the secure off-site storage of your data files.
Once you become a victim there is little you can do. You need to take steps now, before you are infected to protect your data.