In recent months there have been many cases of computer attacks by a data encoding
virus demanding a ransom for its release. The CEO of TerraSafe gives us some pointers
on protecting ourselves from this threat.
In recent months, our Company TerraSafe has handled a number of incidents where our
customers had been infected with a unique, new virus (to be precise – RansomWare) that
encrypted all the important files on your computer and then demands approx. $300 as
ransom for releasing the files and decrypting the impenetrable encryption. Recently
published data shows that some organizations paid a staggering amount of $10,000 in
exchange for “releasing” their files.
The last version of this RansomWare virus called CryptoWall – has been distributed across
the world for some months, attaching hundreds of thousands of computers. My investigations
showed that it is assumed the hackers behind writing and spreading the virus have already
made over a million dollars.
But what does this have to do with backup?
Our customers, who were infected with the virus, contacted us and we restored all their
material as of the day before the attack, meaning they received all their backed up files in
ordinary condition and ready for work, all without having to pay ransom to any hacker
More than 600 thousand computers worldwide have already been infected with this unique
and innovative virus and many businesses, as well as private users, have been damaged and
lost valuable digital material.
Files that have already been encrypted by the virus cannot be reinstated since they are
encrypted in the strongest form of encryption that cannot be easily or quickly opened. The
virus encrypts the victim’s information using a public key cryptosystem. In order to open the
encryption (decrypting), a private encryption key which can only be found on the hackers
servers is needed and the only way to get it is to pay the demanded ransom.
What do these incidents teach us?
We learn that the protection we gain from a proper, secured, daily back up system is
extremely wide-ranging and also covers irregular incidents, such as a virus uncontrollably
encrypting your information, which might cause extensive irreversible damage.
Clearly all possible measures to protect information should still be applied, including:
antivirus, firewall, backup and most important, appropriately instructing the organization’s
employees on cautiously using the computer in order to significantly reduce the chances of
getting infected by various malware. Despite all available protections, the greatest risk still
lies in the possibility that an employee will open malicious emails and press the wrong link,
thereby leading to the initial infection of the organization’s computers, meaning here the
human factor is also a key player.
Furthermore, it is extremely important to correctly and professionally plan the data saving
history (how far back we keep information that was erased or various versions of files). On
the one hand, a greater history will considerably increase the backup volumes; while on the
other hand, a rather short history will not provide a sufficient backup system. We often learn
of loss of information a long time after it occurred and therefore, proper management of the
organizational information history is imperative.
I strongly recommend consulting with a professional backup company on backing up and
protecting organizational information, you’d be amazed at how many different ways there are
for backup and only a few are actually efficient.
In conclusion, you must consider and remember that the level of cybernetic risks and dangers
is only increasing over time. There is a genuine need to be aware of the various dangers and
acting in a secure and correct manner with our computers system. Nowadays our most
valuable information is stored digitally and thus somewhat exposed to various dangers.
Applying the correct precautions can make all the difference!