We’ve gotten so caught up discussing ransomware prevention with our clients that we’ve neglected to mention that several strains have already been defeated. In fact, there’s a decent chance you can actually decrypt all your data for free. Always make sure to check these lists before responding to a cyber attacker’s demands.
The state of ransomware in 2017
It’s been almost 30 years since malware was first created that could encrypt locally-stored data and demand money in exchange for its safe return. Known as ransomware, this type of malware has gone through multiple periods of popularity. 2006 and 2013 saw brief spikes in infections, but they’ve never been as bad as they are now.
In 2015, the FBI estimated that ransomware attacks cost victims $24 million, but this skyrocketed to $74 billion worldwide in 2016 with no signs of easing in 2017. At the beginning of 2017, more than 10% of all malware infections were some version of ransomware.
Not every type of infection is targeted to individual organizations. Some infections may happen as a result of self-propagating ransomware strains, while others might come from cyber attackers who are hoping targets are so scared that they pay up before doing any research on how dated the strain is.
Always check the following to see if a free decryption tool is available. This could save you a world of hurt:
- Kaspersky Lab’s No Ransom list
- Bitdefender anti ransomware tool
- Avast’s free decryption tools
- Trend Micro’s Ransomware File Decryptor
- Fightransomware.com’s Breaking Free list
But even when you can get your data back for free, getting hit with malware is no walk in the park. There are essentially three basic approaches to preventing ransomware. First, train your employees about what they should and shouldn’t be opening when browsing the web and checking email.
Second, back up your data as often as possible to quarantined storage. As long as access to your backed-up data is extremely limited and not directly connected to your network, you should be able to restore everything (that you backed up) in case of an infection.
Finally, regularly update all your software solutions (operating systems, productivity software, and antivirus). Most big-name vendors are quick to patch vulnerabilities, and you’ll prevent a large portion of infections just by staying up to date.
Whether it’s dealing with an infection or preventing one, the best option is to always seek professional advice from seasoned IT technicians. It’s possible that you could decrypt your data with the tools listed above, but most ransomware strains destroy your data after a set time limit, and you may not be able to beat the clock. If you do, you probably won’t have the expertise to discern where your security was penetrated.
Bob Milliken is the TheITguy@CascadiaSystemsGroup.com specializing in helping businesses with their IT needs. Discover how great local IT services can be. 604.270.1730.