Cyber Security for the Home and Small Business
Episode 1
Ransomware
8/3/2020 – Jeff Schneider – “The IT Department”
I was just listening to a story about a small company that was recently infected by “ransomware”. Ransomware is definitely a security concern no matter the size of your network domain, but based on media reporting, it is an extra popular topic right now.
I know the horror of slowly realizing you just lost 2 hours of your best work because your computer crashed. I cannot imagine the horror of slowly realizing that all your computer files have been scrambled and they are asking for a password that you don’t know. Or, how about all your business’s computer files? And, if someone/something touched them, what else happened? Did they read them? Were the contents sold to the “dark web”? Was everything posted on public Facebook accounts? What next?
Great news though: you can have everything back like it was. “Just send 2 bitcoins to Turkksbekistan and we’ll give you the password.” (You think, great, WTF is a bitcoin, but if it’s only 2, how bad could it be?) … Imagine the horror of discovering 2 bitcoins is $23,000.
I think what makes ransomware so newsworthy is that it goes beyond the viruses of old. It’s not just mischievousness or vandalism. Somebody is causing you pain, and demanding payment! We’ll cover opinions on the death penalty on another web site.
Now it’s time to start blaming. If you had only been at the office, behind the big expensive and protective firewalls, this would never have happened. If you had just listened to that guy advertising on late night TV and bought that software… “Wait, what about my backup files. I am sure glad I wrote the date on that floppy disk.” Too bad it ends in 2005, and too bad it’s on a floppy disk. Now what…? If I tell anybody, I’ll have to deal with the embarrassment. If I have to tell my Boss or the Customers, they might be angry or worse. This is a deep dark place, and I don’t mean to make light of the situation, but in technical terminology, you’re screwed.
Next stop in the stages of grief… If I just cash in some 401k, and pay the 23 Gs, this will be all behind me. They WILL give me the passwords to ALL the files, right? I mean, this is a reputable business, right…? As the questions get rhetorical, you see where this is going…
So, let’s put a plan together to make sure this doesn’t happen ever (again). It doesn’t matter if you work for a big Company that should have you covered (they probably don’t). It doesn’t matter if you are a sales agent working from your kitchen table connected to your neighbor’s Wi-Fi. And, even if you are enjoying retirement, you NEED a plan. Nothing complicated, just a plan, and I promise it won’t take that much of your time.
Taking into account some Amazon shopping, a few visits to Facebook and a couple of cute animal videos on YouTube, I would give myself about 8 hours.
Your Ransomware Plan
- Learn about it. Google (a verb), “Ransomware”. How do you get it? What does it look like?
- I’ll give you the “Cliff Notes”: “Don’t click on that link in the email, you didn’t really win.”
- What’s the best way to recover from Ransomware?
Answer: Have a recent/current backup of your files that were ransomed. Set this up and check often to make sure it’s working.
- Bonus: Get an app that can identify things ransomware does and stop it.
- Bonus 2: Is ALL my software “patched” and current? This is another terrific way to limit your exposure. More on this in another episode.
- Think through some scenarios and refine the steps to recovery.
- Document your work (keep it to one page or less).
- This also might be an appropriate time to think about exactly what you are backing up and why. Files for work, Customer information, accounting information, employee information, inventory, etc… Is it important? For how long? How current does it need to be?
- Bonus 3: Is any of the data “sensitive”? For example, Customer information, Customer credit cards ( ! ), bank accounts, employee data, passwords ( !!!! ). If yes, consider developing a separate strategy or at least highlighting this information in your document.
Tell your Boss you have a plan. Tell your Customers you have a plan. Tell your insurance company you have a plan.
Let’s dig into the backup strategy a little more:
- After your files are backed up, the backup copies should have an “air gap” between them and the original files or at the very least should be protected by a password different from the one that you use for everything else (you don’t do that – do you?) Why? It’s not useful to have backup files that are also part of the ransom.
- The backup processes need to be as automated as possible. It’s important that the automation be able to tell you how it is doing via some sort of message or email.
- Backup files should be somewhere else. This means, cloud, safe deposit box, etc…
- How? There are so many ways to approach this. From DIY to a one-stop-shop service like CrashPlan, Backblaze, … (there are a LOT of these). You may already have some cloud storage if you use applications like Office 365 or have an Apple account. If you want more of a manual process, a portable hard drive or “thumb” drive is a possibility, but don’t forget, set a reminder.
- As long as you keep track, it doesn’t hurt to have more than one backup strategy at the same time.
- Some of these approaches get a little “techie” but that’s why I am here. I don’t mean for this to be a marketing call. I don’t care who helps you, but getting a little help is not a bad idea. It could save you a lot of headache someday. The saying is, “The most expensive backup is the one you didn’t do”.
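For the DIY crowd, here is one way to cover the “check often” and “tell you how it is doing” parts in Python. This is an added example, not code from any backup product; the folder names, the 24-hour window and the you@example.com address are made up for illustration.

```python
import os, tempfile, time
from email.message import EmailMessage
from pathlib import Path

def unprotected_files(source, backup, grace_hours=24, now=None):
    """Files changed more than grace_hours ago whose backup copy is missing or older."""
    now = time.time() if now is None else now
    source, backup = Path(source), Path(backup)
    problems = []
    for src in sorted(p for p in source.rglob("*") if p.is_file()):
        changed = src.stat().st_mtime
        if now - changed < grace_hours * 3600:
            continue  # too recent; the next scheduled backup should pick it up
        rel = src.relative_to(source)
        copy = backup / rel
        if not copy.is_file():
            problems.append((rel.as_posix(), "no backup copy"))
        elif copy.stat().st_mtime < changed:
            problems.append((rel.as_posix(), "backup copy is older than the file"))
    return problems

def build_report(problems, to_addr="you@example.com"):  # placeholder address
    """Status message to send after every run, good news included."""
    msg = EmailMessage()
    msg["To"] = to_addr
    msg["Subject"] = "BACKUP PROBLEM: %d file(s)" % len(problems) if problems else "BACKUP OK"
    body = "\n".join("%s: %s" % p for p in problems)
    msg.set_content(body or "All files have a current backup copy.")
    return msg  # hand this to whatever mail or messaging setup you already use

def demo():
    """Constructed sample folders: file name, hours since change, hours since backup."""
    now = time.time()
    samples = [("invoice.txt", 72, 48), ("customers.csv", 72, 200),
               ("payroll.xls", 72, None), ("draft.txt", 1, None)]
    with tempfile.TemporaryDirectory() as root:
        src, bak = Path(root, "documents"), Path(root, "backup")
        src.mkdir(); bak.mkdir()
        for name, src_age, bak_age in samples:
            for folder, age in ((src, src_age), (bak, bak_age)):
                if age is not None:
                    (folder / name).write_text("sample")
                    os.utime(folder / name, (now - age * 3600,) * 2)
        problems = unprotected_files(src, bak, now=now)
        return problems, str(build_report(problems)["Subject"])

if __name__ == "__main__":
    print(demo())
```

This only tells you a copy exists and is current. Restoring a file from the backup now and then is still the real test.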
What about recovery?
- The key to recovery is to find out what is scrambling your files and eliminate it before you start. (You might need help here.)
- Bonus: Find out how it happened in the first place.
This isn’t going to save you from everything, but along with a simple, but comprehensive security plan, you will be 100 percent ahead of where you were before. You will be 100 percent ahead of your competitors, co-workers and family members.
Watch for more plans and ideas in future Episodes.