Ransomware Article Explains a Growing Data Security Threat

Share Article

An article from eMazzanti Technologies explains how business computer networks can become infected with a type of malware that can literally hold a business’s data for ransom.

eMazzanti Outsourced IT Experts

This threat [ransomware] is affecting machines in greater numbers, and because it locks users out of their files, it can be an expensive problem for an organization with time-sensitive deadlines.

“Pay-up or lose your data” is the price some businesses face when they get infected with ransomware, a type of malware designed to render a computer or its files unusable until payment is made to the attacker. An article from eMazzanti Technologies, an IT support and computer consultant in the greater New York City area, explains the problem and what to do about it. The article is entitled: “Ransomware in the Enterprise.”

“This threat [ransomware] is affecting machines in greater numbers, and because it locks users out of their files, it can be an expensive problem for an organization with time-sensitive deadlines,” said Jennifer Mazzanti, president, eMazzanti Technologies. “The best solution is active prevention.”

The full articles can be found here.

Ransomware Masquerades
Ransomware often masquerades as an official-looking warning from a well-known law enforcement agency in the victim’s locale, such as the US Federal Bureau of Investigation (FBI), or the Metropolitan Police Service of London (also known as Scotland Yard). This warning can block the desktop of an infected computer, accusing the user of committing a crime. It demands payment of a fine via electronic money transfer before control of the machine is restored. A ransomware infection doesn’t in any way indicate any illegal activities have actually been performed on the infected computer, nor does it follow local legal process.

Some recent ransomware threats are also known as “FBI Moneypak” or the “FBI virus” because of their common use of law enforcement logos and requests for payment using Green Dot MoneyPak, a brand of reloadable debit card.

How Ransomware Operates
Some ransomware family classifications, such as Reveton or Weelsof, operate by displaying a lock screen and preventing access to any of the computer’s functions (but they offer to provide a password when the ransom is paid). Other threats, such as GPCoder and Crilock, take a different approach and use complex methods of encryption such as AES and RSA to render files unusable. In all cases, the computer is held hostage for a “ransom”. It’s only when that ransom has been paid that computer can be unlocked – or so the perpetrators say. More often, access to the computer is not restored, even after payment.

Businesses can review common ransomware behaviors by looking at the top two families seen during the reporting period for the latest Microsoft Security Intelligence Report (SIRv15), January 2013 to June 2013. Within this report, Microsoft measures the prevalence of a threat using its encounter rate – the number of computers that come in contact with a specific threat. An encounter doesn’t mean the computer was infected; the measurement includes encounters where security software blocks the infection.

Dealing with a ransomware infection
The most important tool for dealing with ransomware is to make sure computers are backed up. Once infected, ransomware, such as Crilock can encrypt files making them inaccessible. In some cases the computer must be reformatted, since the lock screen prevent access to files on the PC. Cloud technologies such as SkyDrive Pro have a built-in version history allowing a user to revert to previous unencrypted copies of files.

Read more…

Related posts:
1.    The Latest on Windows 8 Professional and Enterprise
2.    A Perfect Virus for Imperfect Users
3.    eMazzanti named Finalist in New York Enterprise Small Business Awards in Technology
4.    eMazzanti Article: Top 10 New Business Features in Windows 8

About eMazzanti Technologies
eMazzanti Technologies’ team of trained, certified experts provide 24x7 outsourced IT support to help ensure business productivity, address challenges of growth, cloud computing, mobility, critical business continuity and disaster recovery demands. The consultancy has special expertise in manufacturing, distribution, retail and PCI compliance, financial, architectural, engineering, construction, government, educational, legal services, accounting, marketing communications, and healthcare market segments, while maintaining high customer satisfaction levels. Flexible support plans range from fixed-fee, around-the-clock network management where eMazzanti functions as an extension of a businesses’ IT staff, to a custom-solution provided on an as-needed basis. eMazzanti serves the Hoboken, NJ and NYC area markets as well as regional, national and international business support requirements. The IT firm is Microsoft's 2012 Partner of the Year and on-going Gold Partner, Microsoft Northeast Region Partner of the Year, a four-time recipient of WatchGuard's Partner of the Year and has achieved the Inc. 5000 list for the fourth year in a row. Download the free article: How to Select an IT Provider. More than 400 companies trust their IT support needs to eMazzanti Technologies. For more information contact: Carl Mazzanti 201-360-4400 or emazzanti.net. Twitter: @emazzanti , Facebook: Facebook.com/emazzantitechnologies.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Carl Mazzanti
Visit website