You’ve probably already heard about the malware “ransomware”, maybe a colleague mentioned it at work or you heard about it on the news? But what exactly is ransomware and what are the dangers to your company? Are you confident you have ransomware protection?

Ransomware is a dangerous piece of computer code that locks down computers and their data and then demands money to unlock the computers and data.

This malicious program has already hijacked entire corporation computer networks, their databases, websites and home users too. Its recently also affected several hospitals in the UK in May 2017.

So how could your computer or network become infected with ransomware and is there anything you can do to protect yourself from it? And if I am attacked, should I pay the ransomware demand?

Should you pay the Ransomware demand?

Most ransomware attacks seem to be immaculately orchestrated. They use military grade AES and RSA encryption algorithms to attack computers users, companies, critical infrastructure organizations (such as hospitals) and even governments!

So the question is, should you pay the ransomware demand? Well at this point its worth mentioning that if you’ve been infected by ransomware, you’re not guaranteed to have your data unlocked if you choose to send the payment demand. Payment is usually made with the hard to trace currency called bitcoin which means that attackers cannot be traced and they stay on the loose for further potential attacks.

Also by paying, you are only adding fuel to the fire of this type of cyber-crime. You’re also providing the criminals with further resources to enhance and improve their nasty business model. Some threats are also poorly coded and recovery may simply not be possible due to technical issues. Thankfully there are researchers who are releasing more and more decryption software that can unlock ransomware for free. So its best to try everything first to avoid funding the threat attackers.

How can I protect my business And Avoid Ransomware?

The majority of ransomware attacks come from email. It arrives containing a malicious ZIP, JavaScript or Microsoft Word attachment. Unsuspecting recipients open the attachments which may be disguised as job offers, an invoice, order details, a failed delivery notification or something equally as catchy. You are then contaminated with ransomware when you open one of the attachments. So one of the best ways to avoid ransomware infecting your company is to be very cautious when opening emails with attachments, even if they come from what looks like a trusted source. Furthermore, increasing your email provider’s spam filter settings will protect you further. Contact us so we can assist with this.

Meanwhile, some ransomware attacks are engaged from compromised websites. When you visit these websites, a tool on the website will scan your computer for software vulnerabilities and exploit them and run harmful code in the background. Out-of-date Adobe Flash Player or Java pose the main security vulnerabilities. It goes without saying that its critical to keep all your software up to date with the latest patches so you can avoid ransomware. This includes all those annoying windows patch updates!!

Another way to protect yourself is backup backup and backup some more!! You should be backing up all your data which should include an offsite backup that is not connected to your network. Savings files to OneDrive or a similar cloud storage is NOT a backup of your data! Contact Cornwall IT who can help you avoid ransomware!

What Does Cornwall IT offer for Ransomware Protection?

Our recommended security software offers ransomware protection for your business in the following ways:

– Protection against specific malware attacks that evade detection by many other anti-malware software through the use of obfuscation and/or encryption.

– Real-time protection for business network drives.

– Live-Grid scanner to constantly monitor potential threats to your system

– Our software checks for updates every hour to keep your security definitions up-to-date.

What if I don’t have a backup? Can I recover from Ransomware?

Recovering from a ransomware attack can be very messy! All your critical data stored on local drives, network drives (including OneDrive, Google Drive, iCloud etc), and removable media get scrambled with an impossible to crack encrypted algorithm. Worse of all what if you don’t have any backups to recover your data from? The first thing you need to do is to find out what ransomware family you are being attacked from and then find out whether there is a free decryption program available for it. There is also an online service called ID Ransomware ( which can detect more than 300 strains, so that’s a good place to start. We also have a partnership with a security software vendor who can assist further with decryption tools. Contact us to see what we can do to help.

The future of Ransomware? The ongoing fight to Avoid Ransomware!

In August 2016, various IT experts created a ransomware strain to highlight the vulnerability of smart thermostats. In February 2017, a different group of IT experts came up with a version of ransomware that attacks industrial control systems. It’s completely naive to think that criminals cannot do the same. In fact there is already ransomware strains that can attack Android-based smart TVs. Ransomware is here for now and the fight goes on to continue to improve the ransomware protection on offer for businesses.

In fact, you may think you have survived any Ransomware attacks up until now, but your system could have already have been compromised and you may have already been infected with a Ransomware attack lying dormant, for now! Don’t be a business owner who says: “It will never happen to me!” It might have happened already, you just don’t know it until its too late.