From Lawyer’s Mutual of North Carolina. This information was sent for law firms, but can affect everyone, so I’m posting sections of it in hopes that at least one person might be helped!
“You’ve heard of malware which is software intended to damage or disable computers. Ransomware is software designed to block access to a computer system (hold your client files hostage) until a sum of money is paid. If the money isn’t paid, your files stay encrypted forever. A recent episode of “The Good Wife” used ransomware as part of the storyline – doug.
Many malicious computer attacks require that the user click on something. However, the most recent versions have been using digitally signed certificates to appear authentic to security programs. Then, the ransomware is embedded within advertisements on websites. This has allowed them to evade detection by most anti-virus products while requiring little or no action by the user in order for the virus to be downloaded.
In fact, in some cases, a user visited a legitimate website and an infected advertisement on that website began automatically running, which downloaded the virus.
What you can do to reduce your risk:
- Make regular backups of your data system and do not have them accessible through your network. Some options include daily or real-time cloud-based backups or nightly serial backups onto an external drive that is disconnected when not backing up the system.
- Install an ad blocker plug-in on your web browser such as Adblock Plus.
- Keep your web browser up to date.
- Keep your anti-virus software up to date.
- Enable the “Click to Play” feature on your internet browser and for any plug-ins.
- Be vigilant about the websites you visit.
- Think before you click – some viruses are disguised as security alerts such as telling you there is a virus on your computer, exploiting your desire to click on the window quickly to get rid of it…only to then find that it was a trap.
- Do not click on advertisements – rather go to the company’s page by typing in its normal web address URL.
- Avoid clicking on links in suspicious emails.
Do not download attachments unless you are sure of their source and content.
If you are a victim, the FBI’s recommended course of action from 11/8/2013 is to “scrub your hard drive and restore encrypted files from a backup” (https://www.fbi.gov/