According to Kaspersky [1], Ransomware Trojans are a type of malware that is designed to extort money from a victim. In general, it will demand a payment in exchange promising to revert changes that the Trojan virus has made to the victim’s computer. These changes might include:
- Encrypting data that is stored in the machines, so information can’t be accessed anymore.
- Blocking normal access to the operating systems.
Figure 1 demonstrates the process of a ransomware infection.
Figure 1: source AhnLab[2].
In line with AhnLab [2], security patches and backups might be the only effective solutions for ransomware attacks.
The latest ransomware attacks tend to use new malware and their variants to bypass antivirus programs. Since it is basically impossible to preemptively prevent and block ransomware, we can only establish a passive response strategy to minimize damages.
And it continues:
Unfortunately, some security vendors have misled customers into thinking that their security solutions, such as AV programs, can prevent ransomware. However, all security vendors emphasize two basic security measures in order to prevent ransomware attacks: backing up important files and applying the latest security patches.
In other words [2], applying last system patches might prevent infection (pre-response), and even if it is infected the damage can be minimized by restoring the last backup.
Figure 2 shows a screen of an infected system.
Figure 2: after being infected by a ransomware, restoring a backup would probably be the only resort.
As stated by Security Week [3], the backup would also be the best medicine when dealing with ransomware:
1. Back-up and Imaging of Data – With the exponential growth of corporate data, it’s difficult for enterprises to know what information they have and where it’s stored. However, this knowledge is critical to determine whether to pay a ransom. If a company has a solid backup of the data taken hostage, it may be able to revert to spinning up a new copy with backup restoration without needing to pay the criminals.
Bacula Backup Software (logo in Figure 3) particular architecture and independent security features ensure that your backup is safe from malware encryption. It has both Community and Enterprise versions, allowing to be deployed with any budget, in any company. Now, there is no excuse for being caught off guard!
Figure 3: Bacula: comes at night and sucks the computer essence. A reference to Dracula character.
Contact us today and let we help you with your backup project.
[1] Ransomware & Cyber Blackmail. {https://usa.kaspersky.com/resource-center/threats/ransomware}
[2] Ransomware Response: Ideal versus Reality. {http://www.gartner.com/imagesrv/media-products/pdf/ahnlab/ahnlab-1-2VS6RBW.pdf}
[3] Ransomware: Four Ways to Assess This Growing Threat as a Business Risk {http://www.securityweek.com/ransomware-four-ways-assess-growing-threat-business-risk}
Disponível em: English