We received a call from a company stating that they could not open any of the files on their NAS (Network Attached Storage) file shares. After some troubleshooting, CSI determined that they were a victim of Ransomware or the Cryptowall 2.0 malware attack. It comes in the form of advertisements that, if downloaded, can put your hard drive’s files in a password protected state and render them useless unless a ransom is paid to the owner of the virus. In this situation, the files were the entire companies files located on the NAS or shared file area.
The malware came in through a workstation PC. The PC was running the latest version of antivirus however, this malware cannot be detected and prevented by traditional antivirus programs.
The only way for this customer to regain access to their files was to pay the “ransom” to the anonymous hacker via bitcoin payment methods to the tune of thousands of dollars! Bitcoin is a service like paypal but untraceable.
Unfortunately, this customer did not maintain a backup of their files otherwise a simpler and less costly solution would have been to simply delete the encrypted, unusable files and restore the good working files from a backup.
In the end, the customer was without file access for about 2 weeks while they worked through the process of paying the ransom and obtaining decryption codes for their files. According to the customer, the most difficult part of this ordeal was the 2 week period without their data files.
These types of tragedies can be avoided. CSI has compiled a list of tips to help prevent this tragedy.
Tips to prevent being a Victim of Malware/Ransomware:
CSI utilizes a team of highly trained specialists and strategic partners to provide IT services and solutions for leveraging your IT investment, regardless of size. CSI works with companies of all sizes to develop the best IT solutions for your unique needs and also offers complete managed IT services.
Copyright © 2020 CSI Consulting Group - All Rights Reserved.