Mapping the ransomware infections.


In fall 2013, the Cryptolocker malware made its debut and terrified computer users worldwide with its ability to hold whole computers for ransom, encrypting the files on infected devices and refusing to unlock them unless the victim paid a fee. Throughout 2014, Cryptolocker mutated into RIG, Game-Over Zeus (GOZ) and OphionLocker, getting more and more nefarious with each new release, and it does not appear to be slowing down.


Lost in the media hype about the embarrassing emails of Sony execs and the delayed release of The Interview is that the original talks between Sony and the hackers who stole information from the company’s computer systems were an attempt to extort money in return for not taking the information public. Sony refused, and soon thereafter the private information and emails were released to the prying eyes of the internet.


More commonly, especially with small business networks and home offices, ransomware locks and encrypts the data and information stored on an infected computer or device, preventing the user from gaining access. Then the virus demands money, usually in some form of untraceable currency, to unlock the user’s data. Users who have reportedly paid the ransom get mixed results: some get a key to get their data back, others lose their money and their data.

Scared yet? You should be. This is a growing problem, mostly on older machines that don’t receive software updates anymore, or machines that do not have adequate virus protection. Currently, St. Aubin Technologies recommends and uses a three-step approach to preventing ransomware and virus infections: network security, up-to-date workstations, and up-to-date antivirus protection.

It is now more important than ever to have strong network security protocols. Your network’s first line of protection is to prevent the infection from ever gaining access to your network devices and workstations. Utilizing network security features can prevent ransomware and viruses from ever entering your network in the first place. Consider web filtering, for instance; it’s not just for keeping your users and patrons from using your internet connection to watch porn, or for making your users more productive by keeping them off of Facebook. Web filtering is a useful tool that can save your users from going to infected websites, or sites that are designed to trick users into installing viruses such as Cryptolocker and GOZ. Let’s say that your devices are cars on the network, and the data they hold are the occupants of those cars. Web filtering is like the bumper on a car: it can save the rest of the body from the driver’s slight mistakes, which could have been detrimental if that initial crush zone wasn’t there.


Remember early last year when you received notices from Microsoft and St. Aubin Technologies about the End-of-Life for Microsoft Windows XP? Those machines no longer receive the updates we are talking about. It is probably time to consider replacing them if you haven’t already. Your network’s second line of defense is the machines’ operating systems themselves. These operating systems should be up-to-date with the latest security patches available. If you are using XP or Server 2003 in your network at this time, and you do not have a plan to replace these machines yet, you need one. These are serious security concerns, and those older machines are the weak link in your network. In our car crash from before, the security patches and operating systems on your machines are the structure around the passenger space, giving the car its form and look, but also proving rigid in this time of need and preventing, in every way it can, the other object from penetrating this protective shell and getting to the occupants.


Your network’s third defense is the antivirus protection on your workstations and servers. St. Aubin Technologies has long been a fan of avast! antivirus protection. avast! Business Protection suites provide advanced protection for your workstations and servers, giving you peace of mind that if a user does accidentally let something through, the antivirus protection is there to save your data. Back to our car accident analogy: your antivirus is like the airbag, cushioning the blow of the impact and attempting to save the occupants. If your airbag is outdated, or non-existent, it won’t work as well (or at all), and your occupants will be lost to the impact.


The last line of defense for any virus, ransomware, or general computer failure is a good backup. You know what is fun about ransomware and in-house backups? An in-house backup (i.e. backup to a USB hard disk) is just as susceptible to ransomware infection and encryption as the machine itself. What this means is that if you are using a USB hard disk as a primary backup destination, a ransomware infection can encrypt your backup right along with the rest of your computer. The only way to protect yourself and your data from this kind of failure is an off-site, cloud backup. We highly recommend Carbonite Online Backup. This removes your backup from direct access by the workstation and its infection, protecting the backup from corruption and allowing us to restore your data as quickly as possible in the event of a worst-case scenario. This is like the hospital in our car crash. The occupants are hurt and the car is totaled (in a way), but we can help them recover and get into new wheels as quickly as possible.


The battle for your security is an ongoing war, and total prevention is just not possible in this day and age. As we make advances in protection, hackers make advances in intrusion. No one protection system is complete, but we can put in place an arsenal to try to thwart the enemy’s advances. By utilizing the tools available to implement network security, and keeping operating systems and antivirus protection up-to-date, we can minimize your risk of infection and data loss.

To get your network checked, or to discuss your options for your business, don’t hesitate to call us. 305-247-2227

