Ransomware, Sandboxing, and How IT Marketing Agents Can Help
Ransomware is gaining worldwide attention recently, especially after the WannaCry attack that infected more than 200,000 computers in over 150 countries. As an IT marketing agent, you need to make sure your customers and potential clients are aware of the dangers of ransomware, as well as the protective measures they can use for all their systems. A very good measure to take is contracting with a business to provide your expertise as an IT support professional. Here are some facts about ransomware and what you (and your customers) can do to combat it.
What is Ransomware?
Let your client know about ransomware: Ransomware is a type of malware that locks your customers computer and holds their files hostage until they pay a certain amount of money. There are two main types of ransomware: lockscreen ransomware and the more troublesome encryption ransomware. Lockscreen ransomware displays a full-screen message that prevents clients from interacting normally with their device, demanding a ransom to unlock it again. Encryption ransomware scrambles their files, demanding a fee be paid for the encryption key needed to unscramble them again.
How Can Clients Protect Against Ransomware?
Sandboxing is a vital security practice that isolates programs, preventing malicious or malfunctioning programs from damaging the rest of your clients computers. The most useful fuction of this software is you and your clients can create their own sandboxes to test applications.
Another way for an IT marketing agent to help clients to safeguard their business is to educate them on maintaining good security. With the help of an IT professional such as yourself, installing anti-malware utilities on devices, updating all applications and software regularly, and using a reliable backup and recovery system to prevent data loss can be all that is needed to keep your data safe.
How Does Ransomware Infect Their System?
Typically, ransomware infects a clients system when an employee visits a website that forces their device to download malicious code. They may also be tricked into downloading ransomware disguised as something else, such as an email attachment or a software utility.
How Can You Remove Ransomware From Their System?
Let potential clients know IT representatives can usually remove ransomware with standard anti-malware utilities. If they’re locked out of their device, it may be possible to regain access if you reboot it in safe mode.
How Do They Recover My Files?
Your ability to recover their files depends on whether someone encrypts their files and what recovery systems they have in place. Some ransomware claims to encrypt files but doesn’t actually do so. In this case, it may be enough to simply remove the infection. If their files are encrypted, they may need to restore them from backups. Their system must be cleared of any malware before recovery can take place.
How Can The Message Include Their IP Address?
Businesses should know their IP address isn’t normally hidden unless they take steps to conceal it. There are a great many tools that can uncover their IP— the ransomware creator probably included such a tool in their design.
Could The Authorities Have Detected Illegal Activity On Their System?
No. This is a ruse the malware developer employs to make you pay. Ransomware messages can look convincing, with the names and logos of legal authorities prominently displayed. However, law enforcement will not interact with you in this way.
A Potential Client Can’t Access Their System Or Their Files. Should They Pay The Ransom To Regain Access?
Whether or not they decide to pay will depend on their situation. Be aware that paying the ransom may not allow them to regain access to your files. If they do pay, the culprit may also target them again for future attacks.
What Should Your MSP Company Do If I’ve Already Paid?
If they’ve paid using a credit or debit card, or an online payment service such as PayPal, they might be able to recover the money from their payment provider. If they’ve used a digital currency such as Bitcoin, recovering the money may be difficult, if not impossible. Contacting law enforcement, such as the police, can be a useful first step.