Ransomware! Avoid Paying Ransoms

This week Bob Oster, CEO of nSpire, talks about ransomware and how to avoid paying a ransom to get your files back.




Hey, guys, welcome back. Today I really want to cover ransomware. Over the past few years, we’ve seen ransomware hit all over the place, but locally we’ve been... (we’re in New Orleans, Louisiana, here, for those that are watching outside) but the state of Louisiana, the city of New Orleans, and then recently, the tax assessor’s office have all been hit by ransomware. Now, you may say those are very big organizations. What do I have to worry about? Well, unfortunately, these hackers that are doing ransomware, they don’t care if you’re a business, you’re a government agency or you’re a home user using your home PC. They are after everybody. The good news is they don’t steal any data. They’re not after the data. Long gone are the places where they’re looking for valuable data to sell. They’re just looking to encrypt your files and hold them ransom. If you pay the ransom, they typically give you the encryption code and you get your files back. But we want to avoid that. If you get hit by ransomware and that means that your files are encrypted, you’ll likely see in your document folder a file that’s called Help Me Decrypt in there. They have an email address to email the attackers and figure out how to get your data back if you’re going to do that. We can talk about that in a minute. Use a brand new email address. Go create one on Gmail that’s arbitrary and use that account.


But the first thing you really want to do is change all your passwords. You’re not sure how they got in, whether it was a website or email, but you want to change all your passwords because somehow they got into your computer to do this. So, how do you prevent getting ransomware or being affected by ransomware? And most importantly, how do you prevent having to pay the ransom? So the first thing you really want to concentrate on is a good security suite. We’ve talked about that in the past, but get you a good antivirus, maybe a web filter. We have a number of tools, and keep up with the Windows updates. Those are important, even though they’re a pain in the butt.


But backup is the key to not having to pay a ransom. So I’ll talk about backup from a business side and a personal side. On the business side, we like to see a three-pronged approach, and that is a local snapshot on a server and then a local backup onto an appliance or a USB drive at the least. And then finally, everything up to the cloud. The reason you don’t want to go directly to the cloud for business is, let’s say you do get ransomware and you need to restore all that data. And it could be five hundred gigs, a terabyte. I’ve got clients with 14 terabytes of data.


Can you imagine how long that would take to download over the Internet or even put it on a USB drive and have it overnight? You’re talking about days, weeks of downtime. Nobody wants that. A local backup with a snapshot, you can get it up and running a lot quicker. So we put those in place for our clients. But on a personal side, I do recommend getting some kind of cloud backup. And I want to explain the difference between a backup and a sync. A lot of people are using OneDrive and Google Drive and Dropbox, which, if you’re going to sync those files down to your local computer, they are susceptible to encryption from ransomware. And any time something gets updated on your computer, it gets updated on the site, on those Dropboxes and so forth. Those are... some of those services have the ability to restore from a previous version, but only if you get the right version. Dropbox, for example, Dropbox Plus, Professional or Business, has the ability to restore from a previous time. They have their own backup within the sync tool. But if you don’t have those subscriptions, you’re not getting a true backup and you want to make sure that the backup is separate from your computer and they don’t have access to it. Do you have, say, a backup to a USB drive and that’s all you’re doing?


Well, the hackers have access to that and they can encrypt that as well. So if you have no backup, pay the ransom; there is not a way to decrypt it at this time, so you have to pay the ransom if you want your data back. And most of them are requiring Bitcoin or some kind of cryptocurrency. And it’s a two-week process. That’s right. A two-week process. So it takes about a week to get Bitcoin if you don’t already own some Bitcoin. And then it takes another week to transfer the funds to the hackers before they give you the decryption code. In my experience, most of the time you do get the encryption code by paying the ransom because that’s their business, right? If they didn’t give up what they asked, what they were asking for with the money, then nobody would pay it. Right. So that is the business they’re in, that you do get the decryption code when you pay the majority of the time.


So keep in mind, good security suite, safe browsing, and backup is the key to avoid having to pay a ransom. Thank you.


Hey there, nSpire friends, like and share this video and subscribe to this channel for upcoming tech tips from your IT Superheroes. God bless.