Think Before You Open: What is an Encrypted Ransomware Virus?
Sending a computer virus via email is not a new phenomenon and the dangers of opening attachments from unknown recipients are now commonly known. However, over recent weeks there has been a surge in activity of one particular type of virus, Encrypting Ransomware, and it could have a significant effect on your property management business and systems if you fall victim.
So what is it? How do you get it? And what can you do prevent it? We spoke to our Application Technical Consultant and security guru, Mark Holden, who answers the key questions:
What is the Encrypting Ransomware virus?
Without going all techy on you, Encrypting Ransomware is ‘cryptoviral extortion software’ which encrypts files on an infected machine and then extorts the user for money (usually using some form of digital currency because it’s untraceable). Once the user pays the ransom they are meant to be sent the key to decrypt the system, but this too often than not doesn’t happen.
How does a business get it?
The malware usually arrives as an email attachment, the email claiming to be from someone the recipient knows or with a subject line designed to let your guard down such as “Invoices”, “Word Document”, “Financial Report”, “Scanned Images”, “CVs”. Posing as normal, day-to-day business documents is what makes them so effective.
What can you do to prevent Encrypting Ransomware viruses?
Well, as expected, prevention is much better than cure and businesses should take all the necessary precautions to avoid exposing themselves to these types of viruses as it can result in a significant loss of data. Getting a reputable anti-malware system in place is a good start but businesses should seek professional guidance and advice to make sure their cybersecurity is up to scratch.
The National Cyber Security Centre website has a lot of resources available for businesses too.
Six ways to reduce your risk:
- If you receive an email that you weren’t expecting, or it’s from a recipient you don’t know and has attachments, you are strongly advised not to open these types of emails. Get a second opinion from your IT team or if it's from someone you know, send an email to them directly (not a reply) and ask if it's genuine.
- Turn off email preview in your email client program e.g. Outlook.
This will reduce the likelihood of you automatically opening emails without realising. - Make sure Microsoft Office (particularly MS-Word) doesn’t run macros automatically. This is a simple setting that can be accessed by going to a Microsoft Office Programme and selecting File, Options, Trust Center, Trust Center Settings.
- Set the default program for Javascript files (.js file extension) to be notepad. (Windows users only) You can do this in your Windows start bar and by clicking on ‘Default Programmes’ under Control Panel and choosing what programme is the default depending on the file type.
- Change security policies to block specific in inbound emails (Administrative staff)
The importance of regular backups
The only thing that will help if your business falls victim to an attack is restoring your property management software from a backup. We strongly recommend backing up your critical data regularly and storing backups in safe locations that aren’t linked to your system.