BLOG

Search

Ransomware is a type of malware or a virus that prevents users from accessing their systems or data until they pay a sum of money.


Clicking on vulnerable links is still a dominant way to deliver their payloads to cybercriminals. Ransomware was the greatest threat of malware in 2018, with multiple high-profile attacks on ransomware. Such malicious threats did not display any signs of slowing down in 2019.


Only through a proactive disaster recovery plan can your chance of avoiding a ransomware attack improve.


Let’s look at the infographic below from MalwareFox.


For ransomware help and removal, contact Digital Insights at +971 4 2415888 /+971 50 8865252 or email us info@dicuae.com


Visit our website to learn more: www.dicuae.com

24 views

Updated: Dec 23, 2020

Getting infected by ransomware is extremely alarming but panicking will only make it worse! If you see a notification on your screen that says the computer is locked or your files are encrypted, don’t start clicking on anything. Take a step back and see your options. There are numerous steps that can help you gain control of your system (Windows) and files before you decide to pay the ransom.


P.S If you are a part of an organization and a victim of a ransomware attack, then we recommend getting a full-fledged Root Cause Analysis done on your system. This will avoid a second attack from the hacker on the compromised machine. Call us at +971 4 2415888 or +971 50 8865252 for a Root Cause Analysis to best help your business.




What kind of ransomware is it?


You'll have to find out if you've been struck by encrypting ransomware, screen-locking ransomware, or something that is pretending to be ransomware. Check if you can still access your files on the desktop or in My Documents folder.


It is a screen-locking ransomware if you cannot pass the ransom note on your screen or the note claims to be from a government security agency accusing you looking at pornography or filing false taxes and asks for a “Fine” (which isn’t half-bad).


It is an encrypting ransomware If you are able to browse through directories or applications but are unable to open office files, media files or emails (which is scary).

It is a fake ransomware attack if you can both explore the system and read most of your files. Just ignore the ransom note in this case because someone is toying with you to get some money. In such a situation, try closing your web browser. If you can’t, press the CONTROL, SHIFT and ESC keys at the same time to open TASK MANAGER. Choose the APPLICATION tab, right-click on the Browser Application and click on END TASK.


Should I pay the ransom?

Keep in mind that if it’s a screen-locking ransomware, DON’T PAY THE RANSOM. Most security experts including Microsoft advise against paying the ransom because there is no guarantee that you’ll get your files back after paying. This only encourages more attacks.


On the other hand, if you need to recover business, medical or legal documents, family photos or other important files, paying a small amount may be a possible option because sometimes ransomware criminals unlock the files after receiving the ransom. We’d suggest staying neutral to the situation and decide accordingly depending on the impact.


How to handle Encrypting Ransomware

Bear in mind that this is the most common and most harmful kind of ransomware, so implement these steps in the same order.


1. Disconnect your computer (but DON’T SWITCH IT OFF) from any devices including external disks. Go offline if you are on a network to avoid spreading the ransomware on your local network to other phones or file-syncing facilities.


2. Take a photograph of the ransom note on your screen using your phone or a camera. Try if you can take a screenshot, if yes, do that also.


4. See if deleted files can be recovered. Many types of ransomware encryption duplicate your documents, encrypt copies and delete originals afterwards. With instruments like the free ShadowExplorer you may be able to retrieve deleted files.


5. Find out which type of encryption ransomware you’re dealing with. If the ransomware has not announced its own name, then try the online tool, Crypto Sheriff or Ransomware ID, for the same. They both allow you to upload encrypted files and tell you whether the encryption is reversible or not.


6. Check if there are any decryption tools available. If you get to know the name of the ransomware then head over to No More Ransom website and explore the list of decryption tools to possibly find any matching decryptor.


7. Try restoring your files from a backup that is IF you regularly back up your computer. But before you do that, ensure that the backup files aren’t encrypted as well. Plug a backup drive into another computer or log in to an online backup facility, to check the files.


If everything looks good, you will have to wipe the drive completely, reinstall the operating system and then restore these backup files.


P.S If this process doesn’t work, you may have to either pay the ransom or surrender the files.


8. If you plan to pay the ransom, try to negotiate first. Usually, the ransomware notes come with instructions to contact the criminals running the malware. If that’s your case then contact them and strike a deal for a lower ransom. It works, contrary to what you think.


Once the deal is final, follow the payment instructions. Now, there still isn’t a guarantee that you will receive your files but most sophisticated ransomware criminals stay true to the deal.


9. If you can cut the cord on the files then reinstall the operating system. You might have to use installation CD disks/USB sticks to install the OS unless its WIndows 10 because that has a “Factory Reset” option.


10. Definitely file a police report. Even though it sounds lame, it is an important legal step in order to file a lawsuit or an insurance claim related to the ransomware attack. This also helps authorities keep an eye on futures attacks.


To find out more call us at +971 4 2415888 or +971 50 8865252


How to handle Screen-locking Ransomware


Although screen-locking ransomware isn't as frequent as it was a few years ago, it still comes up now and again. Follow these steps to deal with it.


1. Disconnect your computer (but DON’T SWITCH IT OFF) from any devices including external disks. Go offline if you are on a network to avoid spreading the ransomware on your local network to other devices.


2. Take a photograph of the ransom note on your screen using your phone or a camera. Try if you can take a screenshot, if yes, do that also.


3. Reboot your system in Safe Mode by simultaneously pressing the POWER button and the S key on the keyboard. Run an antivirus software to remove the ransomware when the computer restarts.


4. If Safe Mode doesn't work, try System Restore. Most Windows computers allow you to roll back to the last known good state.


If you are unable to access the recovery screens but have the installation disk or USB stick for that variant of Windows, reboot from it and click Repair Your Computer instead of installing the OS.


5. To clean out your system completely, run an antivirus software one or more than once.


6. File a police report. This might sound pointless, but it's an important legal step if you want to file a lawsuit or an insurance claim related to the attack. This also helps authorities keep track of future attacks.


If nothing works and you’re still scared, then contact us!


Don’t wait for things to get worse if you cannot figure out how to deal with ransomware on your own. Call us straight away at +971 4 2415888 or +971 50 8865252 immediately. We provide 24x7 ransomware and malware support!

35 views

Updated: Dec 23, 2020

Statistics indicate that cybersecurity is a legitimate danger to small companies, but small businesses don’t always act on that knowledge. According to the 2018 Hiscox Small Business Cybersecurity Report, 47% of small businesses experienced a cyber attack in the past 12 months. Cybersecurity is a serious concern, yet the report shows only 52% of businesses have a cybersecurity strategy.


Unfortunately, this “out of sight, out of mind” mentality can have terrible implications for small businesses. If you don’t effectively protect your business from cybersecurity threats, you may lose critical data about your business while damaging your brand and losing money.

Occasionally cyberattacks can be so bad that you eventually go out of business. An absence of understanding and concern is one of the biggest reasons small companies avoid putting resources to cybersecurity. It just sounds complex to use the word “cybersecurity” but it doesn’t have to be a daunting job to protect your business from cybercrime.


Cybersecurity audits


Start by finding out if your company is well-protected against cyber attacks or not? Maybe you are secure in some areas but lacking in others? It’s best to start by understanding where you can improve.

While most of the initiatives that a small business can take may require more than an hour to implement, it might be worth spending an hour doing a fast audit of what cybersecurity measures you already have. The first and most important step is to formulate an acceptable use policy for devices, data and the network access to your employees.


If a lack of understanding is the reason your company avoids taking cybersecurity initiatives, get in touch with Digital Insights to help you with your cybersecurity plans. Ignoring cybersecurity is not a lawful excuse just because your team lacks technical expertise. There is always a solution!


Train your employees


Training your staff correctly is the fastest way to safeguard your company from cyber-attacks. Some companies may image a foreign hacker taking exceptional steps to break into the network of a small business, but this is generally not the case. A basic phishing email may compromise your small business in many situations. Basic security measures often deter effective attacks. If you forget about big hackers for a moment and realize that emails and employees are usually the number one causes of breaches for SMBs. If SMBs spent just one hour, training their staff on basic internet hygiene like spotting phishing emails, good browsing practices, not downloading suspicious files or clicking links, it would definitely improve their cybersecurity.


Small businesses should also be prepared to prevent ransomware attacks, which occur when malware infects your computer and locks it down until a ransom is paid. Even though using anti-malware software is a good way to prevent these attacks, sometimes hackers slip right through them. We recommend backing up all your files regularly and never pay the ransom should your business be attacked. For intense situations, Digital Insights offers multiple solutions for ransomware attacks and ways to avoid them.


Improve your password strength


Having a strong password may seem like a redundant tip to small businesses but honestly, it is really important and constitutes to avoid brute-force attacks. If you’re only looking for one way to improve your cybersecurity, this is a good place to start, by keeping strong passwords. We recommend keeping a complex password with letters, numbers and symbols and even better to use complicated combinations of these. If you’re afraid of forgetting, write it down in a phonebook (old school style) and not save it on online notes. It may seem unimportant but long passwords with different symbols and capitalization of letters tend to combat brute-force attacks.


A common mistake that employees and people in general make is using the same password across several platforms and websites. This does more harm than good because it increases the possibility of your data being compromised. Strengthening your organization’s passwords immediately reduces the risk of a successful cyber attack against your business, and it doesn’t take long.


Implement multifactor authentication


Multifactor authentication offers an additional layer of safety to protect your accounts beyond a username and password, generally by requiring you to enter a code sent to your mobile device or by providing a distinct safety key to your hardware. Most internet banking and loan card services, like email and social media services, give this capacity. It requires just a few minutes to enable this additional safety protection and protects your significant accounts by making sure that you access the account, not a cybercriminal who stole your password. Two-factor authentication in tech products is not difficult to enforce or look for and can assist avoid cybersecurity assaults by using it.


So, if you are a small-medium business looking to improve your cybersecurity then this is a good place to start. According to SiteLock’s annual security report, the average website is attacked 62 times a day. There is no room for excuses or overconfidence of “it won’t happen to us” in terms of cybersecurity in 2019. The no. of cybercriminals and cyber attacks have tremendously and increased and there is no hiding from it.


#cybersecuritytips #digitalinsights #cyberaware #cybersafe

21 views