One of the more frustrating aspects of technology is cybercrime. Hackers can steal valuable information, hold you up for ransom, vandalize your equipment or compromise systems and productivity. It is an ongoing challenge to protect your clients and firm from their attacks.
Recently, I have spoken with several advisors that have been impacted by a ransomware virus, and in speaking with a couple of IT firms, I learned they have received multiple support calls that involve this type of virus, too. I don’t view this as a coincidence, and therefore it is important for all advisors to understand ransomware viruses.
Ransomware viruses have been around since the mid- to late-2000s, and are activated similarly to other viruses. Often this happens by clicking a link in an email or website, or by opening an attachment that includes the virus.
There are two primary types of the virus. One completely takes over the computer and locks the machine. The second type encrypts files with a password or renders them unreadable. In both cases the virus instructs you to pay a “ransom,” often in bitcoin, in order to gain access to your computer and files again.
The ransomware virus that encrypts your files can be especially challenging. Any file that the infected user has access to can be compromised. This may a big, rich target when the infected user has access to files not only on their hard drive, but also on the server.
If your firm ever becomes a victim of a ransomware virus, it is very important to identify as quickly as possible the entry point of the virus. With the “lock machine” version of the ransomware virus it is of course easy to identify the initial entry point of the attack — it likely started with that specific computer.