Don’t worry! Wiseserve can help you recover and repair from this attack.
Has your business been affected by Ransomware?
Again, don’t worry! Wiseserve can help. We’ll ensure you’re protected against threats with our practical help and sound ransomware advice.
Ransomware is one of the latest forms of malware plaguing the internet today although it’s not altogether brand new: the first attacks can be traced back to the late 1980s. In a ransomware attack, a user’s system is held hostage usually through files being encrypted (locked) so the user can’t access them until they agree to pay the proposed ransom through BitCoin or other hard to trace online payment method. Ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, and display a message requesting payment to unlock it. More advanced malware encrypts the victim’s files and demands a ransom payment to decrypt (unlock) them. Ransomware propagates itself as a Trojan by disguising itself as a legitimate file. It typically spreads through e-mail attachments, infected programs and compromised websites. It’s all-too easy to fall victim to a ransomware attack. Clicking on an email link can allow the malware access to a single PC or even an entire network. IT users from simple one PC home businesses up to multinational organisations with sophisticated networks can easily fall prey.
An iteration of ransomware called ‘WannaCry’ – also known as ‘WannaCrypt’ and ‘Wcry’ – emerged in 2017 and caused considerable disruption with more than 300,000 victims in over 150 countries falling victim over a single weekend. It’s a virus that has attacked many different IT users including hospitals, banks, motor manufacturers and other organisations across the world. This virus locked away their data and demanded payment to release it – a common method was a type of ‘countdown’ in that a certain sum was asked for initially which rose in value the longer the victim delayed before paying up.
Encrypting ransomware reappeared in September 2013 with a Trojan known as CryptoLocker, which generated a 2048-bit RSA key pair and uploaded in turn to a command-and-control server, and was used to encrypt files using a whitelist of specific file extensions. The malware threatened to delete the private key if a payment of Bitcoin or a pre-paid cash voucher was not made within 3 days of the infection. Due to the extremely large key size it uses, analysts and those affected by the Trojan considered CryptoLocker extremely difficult to repair. Bitcoin is a popular method of payment asked for by ransomware hackers as it can be paid to an anonymous ‘address’ online without leaving a trace or clues as to who the perpetrators are.
The most important thing you can do to make sure you don’t fall prey to ransomware is to be careful with email links. Do not click links or attachments in emails unless you are 100% certain the sender is legitimate. It only takes one person in your organisation to click the link for ransomware to spread to other machines and possibly servers so infecting the whole network. Even visiting the ‘wrong’ type of website can provoke an attack – malware can be added to a machine just through surfing a rogue site. As it spreads across your servers, it can also take out your backups, but we have the skills, expertise and access to the latest decryption tools to get your data back quickly and easily wherever possible to prevent ransomware from taking down your company.
Here is some more ransomware advice to help you avoid attacks:
The most important step you can take to secure your system against ransomware is to regularly perform a system backup to safeguard your valuable data so at least you can get back up and running fast with up-to-date files and other data.
Do not open suspicious email attachments and links and remind your staff not to do so. As part of our ransomware support, we’re happy to provide training for your staff in recognising these types of emails and offer you and your team general ransomware advice.
One way that Cryptolocker frequently arrives is in a file that is named with the extension “.PDF.EXE”, counting on Window’s default behavior of hiding known file-extensions. If you re-enable the ability to see the full file-extension, it can be easier to spot suspicious files.
Patch and maintain your operating system, anti-malware, firewall, Adobe Flash Player, Java, browsers, and keep other software up-to-date.
Reduce the risk of identity theft by setting up unique passwords for different accounts and change them frequently.
Run a real-time anti-malware remediation tool and setup a strong firewall protection. We can help here as part of our ransomware IT services.
Ransomware is on the rise – there are now more than 50 families of this malware in circulation — and it’s evolving quickly. With each new variant comes better encryption and new features: this is not something you can ignore so talk to your ransomware support Oxford specialists today!
Our recovery process is 100% effective
- No Data: No Charge – if we cannot recover your data, we will not charge you for our efforts
- Hundreds of successful ransomware recovery cases – our proven track record with ransomware has allowed us to evolve as an industry leader in ransomware support and recovery
- Dedicated ransomware recovery specialist
Wiseserve is one of the first data recovery companies to become involved in ransomware recovery so restoring functionality to your personal or your business files as soon as possible.
We’re able to recover your data after the ransomware attack and protect your computer and IT systems and networks into the future as part of our ransomware support service.
