Ransomware, Sandboxing, and How IT Marketing Agents Can Help

Ransomware is gaining worldwide attention recently, especially after the WannaCry attack that infected more than 200,000 computers in over 150 countries. As an IT marketing agent, you need to make sure your customers and potential clients are aware of the dangers of ransomware, as well as the protective measures they can use for all their systems. A very good measure to take is contracting with a business to provide your expertise as an IT support professional. Here are some facts about ransomware and what you (and your customers) can do to combat it. 


What is Ransomware? 

Let your client know about ransomware: Ransomware is a type of malware that locks your customers computer and holds their files hostage until they pay a certain amount of money. There are two main types of ransomware: lockscreen ransomware and the more troublesome encryption ransomware. Lockscreen ransomware displays a full-screen message that prevents clients from interacting normally with their device, demanding a ransom to unlock it again. Encryption ransomware scrambles their files, demanding a fee be paid for the encryption key needed to unscramble them again. 


How Can Clients Protect Against Ransomware? 


Sandboxing is a vital security practice that isolates programs, preventing malicious or malfunctioning programs from damaging the rest of your clients computers. The most useful fuction of this software is you and your clients can create their own sandboxes to test applications. 

 Another way for an IT marketing agent to help clients to safeguard their business is to educate them on maintaining good security. With the help of an IT professional such as yourself, installing anti-malware utilities on devices, updating all applications and software regularly, and using a reliable backup and recovery system to prevent data loss can be all that is needed to keep your data safe.


How Does Ransomware Infect Their System? 

 Typically, ransomware infects a clients system when an employee visits a website that forces their device to download malicious code. They may also be tricked into downloading ransomware disguised as something else, such as an email attachment or a software utility. 


How Can You Remove Ransomware From Their System? 

Let potential clients know IT representatives can usually remove ransomware with standard anti-malware utilities. If they’re locked out of their device, it may be possible to regain access if you reboot it in safe mode. 


How Do They Recover My Files?  

Your ability to recover their files depends on whether someone encrypts their files and what recovery systems they have in place. Some ransomware claims to encrypt files but doesn’t actually do so. In this case, it may be enough to simply remove the infection. If their files are encrypted, they may need to restore them from backups. Their system must be cleared of any malware before recovery can take place. 


How Can The Message Include Their IP Address? 

 Businesses should know their IP address isn’t normally hidden unless they take steps to conceal it. There are a great many tools that can uncover their IP— the ransomware creator probably included such a tool in their design. 


Could The Authorities Have Detected Illegal Activity On Their System? 

 No. This is a ruse the malware developer employs to make you pay. Ransomware messages can look convincing, with the names and logos of legal authorities prominently displayed. However, law enforcement will not interact with you in this way. 


A Potential Client Can’t Access Their System Or Their Files. Should They Pay The Ransom To Regain Access? 

 Whether or not they decide to pay will depend on their situation. Be aware that paying the ransom may not allow them to regain access to your files. If they do pay, the culprit may also target them again for future attacks. 


What Should Your MSP Company Do If I’ve Already Paid? 

If they’ve paid using a credit or debit card, or an online payment service such as PayPal, they might be able to recover the money from their payment provider. If they’ve used a digital currency such as Bitcoin, recovering the money may be difficult, if not impossible. Contacting law enforcement, such as the police, can be a useful first step. 

Bill Hogan

Bill Hogan is President of Partners Plus. A fast growing IT Support firm based in the Philadelphia area. Bill has been helping make life with business computers easier since 1981. His education as an Electrical Engineer at Penn State started a dual approach toward gaining expertise in both programming and computer networks. In 1991 he formed Partners Plus, Inc., to provide managed IT services to companies in the Philadelphia metropolitan area, based on being a business operations ally and understanding the need to speak to company leaders in plain English rather than ‘techno-babble’. And while others tend to focus their attention on the mechanical components of a computer system, Bill and his staff take a more global approach - how a network can be best used as an integral, reliable asset to the business owner’s goals. In 2007, after years of frustration with the sub-standard services he saw during network audits, Bill published “Hassle Free Computer Support” to educate business owners with the information they need to get superior technical support for their businesses A firm believer in keeping current with advances in technology and processes, Bill lead Partners Plus to become a Microsoft Certified Partner in 1998 and a Gold Certified Partner in 2008. And, Partners Plus Inc. has been selected by Microsoft as being in the top 1% of Partners serving the Small and Medium Business Market on the East Coast. Bill is internationally certified in Network Operations and is certified by Microsoft in project management and multiple Microsoft technologies. He also held the position of representative for the Mid-Atlantic region on Microsoft’s Advisory Board which manages all Microsoft Small Business certified partners. Partners Plus provides managed it services to clients in Philadelphia and the Delaware Valley and helps them choose, implement, and manage IT and cloud solutions that are cost effective and reliable. Partners Plus’ pro-active approach to IT support is ideally suited for companies in Wilmington, Delaware or Philadelphia who depend on reliable IT infrastructure, but don’t want to spend a lot of money to keep your IT services in Delaware that way. Partners Plus clients have come to appreciate the Partners Plus team focus on operations and the ability to get the core of problems quickly, and the knowledge of how to resolve issues as quickly as possible. With the institution of the Partners Plus Protection Program, the company can now monitor, identify and resolve many network issues in minutes without coming onsite.