I want to draw your attention to a type of malicious software that has been emerging in increasing numbers in several parts of the world. “Ransomware” is a type of malware that is designed to render a computer or its files unusable until a ransom is paid to the attackers. Ransomware often masquerades as an official-looking warning from a well-known law enforcement agency, such as the U.S. Federal Bureau of Investigation (FBI) or the Metropolitan Police Service of London.
It’s important for small and medium sized businesses to be aware of this type of threat and take precautions to defend themselves from it, because if attackers successfully lock the business out of their systems or encrypt their files, it could have a devastating impact on their business. The good news is that it is fairly easy to help protect yourself from this type of threat.
Some basic computer hygiene will help to protect your organization’s systems from ransomware:
• Install and use an up-to-date real time anti-malware solution from a vendor you trust. Some anti-malware software options are available on Microsoft’s security partner webpage.
• Keep all of the software installed on your system up-to-date. This includes software from Microsoft, Adobe, Oracle, Java, and others.
• Don’t click on links or open attachments from untrusted sources, as malicious emails (spam and phishing) are one of the most common ways people encounter ransomware.
• Regularly backup your important files. You can do this with a cloud storage service such as SkyDrive, which is also now fully integrated into Windows 8 and Microsoft Office.
The last recommendation I made about using the cloud is a very effective way to safeguard your data from threats like ransomware. Recovering from a ransomware infection and other attacks that seek to destroy your data are largely mitigated when your data is stored and/or backed up in the cloud. Your cloud service provider will help manage the risk for you.
If you want more details on ransomware, I have published a detailed article over on the Microsoft Security Blog. I also recommend visiting www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx for more information about ransomware and how computer users can avoid being taken advantage of by these threats.