Does your organisation have a plan in place to deal with an outbreak of ransomware or cryptolocker?
FYI, this story is more than a year old
Does your organisation have a plan in place to deal with an outbreak of ransomware or crypto locker?
If you are interested OneNet can provide an availability assessment which can review your availability requirements solution and assess your preparedness to deal with an unforeseen issue or outage.
One of the key objectives of the assessment is to understand the availability requirements of the business and from there we can recommend a solution to meet those requirements.
One of OneNet’s consultants can discuss this with you in confidence so that you can make an informed decision. Being a NZ based technology solution provider we are on the ground here to help.
Ransomware is a type of malware that restricts access to the infected computer system in some way, and demands that the user pay a ransom to the malware operators to remove the restriction. Some forms of ransomware systematically encrypt files on the system's hard drive, which become difficult or impossible to decrypt without paying the ransom for the encryption key, while some may simply lock the system and display messages intended to coax the user into paying. Ransomware typically propagates as a trojan, whose payload is disguised as a seemingly legitimate file.
While initially popular in Russia, the use of ransomware scams has grown internationally; in June 2013, security software vendor McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013, more than double the number it had obtained in the first quarter of 2012. Wide-ranging attacks involving encryption-based ransomware began to increase through trojans such as CryptoLocker, which had procured an estimated US$3 million before it was taken down by authorities, and Cryptowall, which was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over $18m by June 2015.
CryptoLocker is a ransomware trojan which targeted computers running Microsoft Windows, believed to have first been posted to the Internet on 5 September 2013. CryptoLocker propagated via infected email attachments, and via an existing botnet; when activated, the malware encrypts certain types of files stored on local and mounted network drives using RSA public-key cryptography, with the private key stored only on the malware's control servers. The malware then displays a message which offers to decrypt the data if a payment (through either bitcoin or a pre-paid cash voucher) is made by a stated deadline, and threatened to delete the private key if the deadline passes. If the deadline is not met, the malware offered to decrypt data via an online service provided by the malware's operators, for a significantly higher price in bitcoin.
Disaster Recovery Plan A disaster recovery plan (DRP) is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster. Such a plan, ordinarily documented in written form, specifies procedures an organisation is to follow in the event of a disaster. It is "a comprehensive statement of consistent actions to be taken before, during and after a disaster." The disaster could be natural, environmental or man-made. Man-made disasters could be intentional (for example, an act of a terrorist) or unintentional (that is, accidental, such as the breakage of a man-made dam).
Given organisations' increasing dependency on information technology to run their operations, a disaster recovery plan, sometimes erroneously called a Continuity of Operations Plan (COOP), is increasingly associated with the recovery of information technology data, assets, and facilities.
Article by Steve Victor, national sales manager at OneNet