What to do When Being Ransomed
Killian: Hey everyone, welcome to another episode of Tech Riffs. My name’s Killian, and I’m a systems engineer here at Worksighted. Today I have a special guest with me, his name is Chris. How’s it going Chris?
Chris: Pretty good, how are you doing?
Killian: Good man. So, Chris is one of our help desk technicians, he’s a subject matter expert across a lot of different things. Bringing him in today to talk a little bit about ransomware. When we did our West Michigan IT report, we polled a whole bunch of businesses all across West Michigan, we found that about half of the security breaches that take place, they’re all related to ransomware.
So I wanted to get kind of some of your thoughts on ransomware. What do you do when ransomware strikes, how do you avoid some ransomware?
Chris: Yeah, so ransomware is a type of virus, basically it is holding your files, your computers hostage for money. So, the first sign of ransomware is usually this scary window in your screen, says hey your files have been encrypted, we’ll get you your files back if you pay us some money.
Usually comes in the form of an email, an attachment, or maybe a link it wants you to click on something. The next thing you know, there you go.
Killian: There you go.
Chris: You’ve got ransomware.
Killian: Yeah, really scary stuff, because once it comes on your own computer, it can effect the rest of your work network.
Chris: Oh yeah.
Killian: What are some things that you would look for in that email to kind of stop that?
Chris: So, it’s going to be an email that’s maybe from a vendor that you recognize, maybe you don’t recognize. Maybe a customer, maybe someone that’s not a customer. Usually asking you to download a file, or asking you to a website, something that seems out of the normal for you.
Chris: And then, you know, ultimately they’re trying to run a file on your computer. That file, as soon as you run it, there’s no stopping it, it’s going.
Killian: Yeah. It’s going. And we see a lot of different attacks come in this way. In fact, so many so that we have done a Tech Riffs episode on this before. We’ll go ahead and post the link below, so you can check that out, really good information there.
So let’s say you do get attacked and it does come through, and you see that screen pop up, your heart’s racing, it’s really scary, what are your next steps?
Chris: You really want to stop, don’t try and fix it yourself. I don’t recommend paying any money. Don’t pay a ransom. I’ve seen instances where people pay the ransom, and nothing happens, they don’t get their files back. Some instances where they pay the ransom, they get some of their stuff back, but the servers are all messed up, we’ve got to go and rebuild them all anyways.
So, the best thing to do is to stop and let an IT professional evaluate it.
Killian: Yeah, definitely get with your IT department, you know, your MSP, Worksighted is definitely somebody that you can call to help you out. Definitely something that’s really scary, but I think the key is to not panic.
Killian: Definitely as soon as you can, calmly get with your IT department, we can work through things with you for sure. Chris, thanks for coming aboard today.
Chris: Yeah no problem.
Killian: Yeah, very good information. You can learn more cool tips and tricks about IT by going to worksighted.com/tech-riffs, and subscribing.