What I Learned about Ransomware

Like many people I’ve heard about Ransomware and had a surface understanding about how it worked based on seeing these scenarios play out on recent episodes of Grey’s Anatomy and Homeland— you click on a link through an email or malicious website, the hacker then locks all your files until you pay a ransom.

As someone who works for a tech company (as a Project Manager) our security team is always talking about how ransomware is a huge threat to organizations. It wasn’t until recently when I saw a real life example of ransomware play out when one of our clients got infected. Here are a few things I learned from this incident:

  1. Don’t open attachments from questionable emails. Its best to always err on the side of caution.
  2. Once ransomware gets in, the hacker can add a tag to your files and encrypts them
  3. The importance of taking backups of all your files and systems. Our team was able to restore the client’s files without having to pay the ransom due to have accurate and up to date backups of all their data.
  4. If you do get infected, don’t turn off your computer! I learned that your computer should be treated like a forensic crime scene.
  5. You should disconnect it from your network! This will stop the spread of the ransomware to other devices on the network.
  6. The sooner you identify the potential attack, the better! You want to give the hacker as little time as possible to get their ransomware deployed. The longer they go unnoticed, the more damage they can do.

The most important thing I learned is that this can impact anyone. We are all vulnerable, no matter if you are a home user or work at an organization, if you are the HR person, or a sales person, we are all at risk and need to remain vigilant.