When crypto-ransomware first hit the scene, it targeted home users. Eventually, plenty of hospitals and other healthcare providers were hacked. Ransomware hackers have since moved on to corporate networks. It is clear that this form of cyber attack is working quite well. There are no signs that the hackers responsible for ransomware infiltrations will slow down anytime soon.
Here are four signs to look for if you think you might be a victim of ransomware:
1. A splash screen blocks access
The most obvious sign that you're infected with ransomware is a splash screen upon startup that prevents you from using the computer and provides instructions on how to pay the ransom to restore access. If you encounter a screen like this, you're likely a victim of lock screen ransomware.
2. Files that won't open
If you are unable to open individual files on your machine and get an error message like one of these, you might be a victim of encryption ransomware:
Windows: “Windows can’t open this file… To open this file, Windows needs to know what program you want to use to open it. Windows can go online to look it up automatically, or you can manually select from a list of programs that are installed on your computer.”
Mac: “There is no application set to open the document… Search the App Store for an application that can open this document, or choose an existing application on your computer.”
3. Odd or missing file extensions
Those letters after the dot at the end of a file name are the file extension. They let your computer know what type of file it needs to read. Common file extensions include .doc, .exe, .pdf and .jpeg.
Files encrypted by ransomware often have extensions that end with something like .crypted or .cryptor. Many times, these files are missing file extensions altogether. In all of these instances, the Finder will display a blank icon for the file type.
4. You've received instructions for paying the ransom
If your computer has been infected with ransomware, the hacker responsible will have left payment instructions for you. Remember, the hacker wants you to read these files because their ultimate goal is to get paid, so the files should be somewhat easy for you to find.
Look for .txt or .html files that begin with an underscore (_) followed by clear language in all caps, such as “_OPEN ME”, “_DECRYPT YOUR FILES” or “_YOUR FILES HAVE BEEN ENCRYPTED.” There will be at least one instruction file located in every folder that contains data that has been encrypted by the ransomware.
A professional outsourced IT team can keep your business safe from today’s ransomware. Contact Gulf South Technology Solutions today to discuss a plan of attack to keep your business safe.