5 Signs You’re a Victim of a Ransomware Attack

The first-ever ransomware attack was created by Joseph L. Popp (the“father of ransomware.”) It was called the AIDS Trojan and was designed to target the healthcare industry way back in 1989. Even if many years have passed, this mode of cyberattack is still feared by corporations and individuals alike – and not without cause. 

Just recently, a report states that ransomware attacks have cost Canadian companies as much as $2.3 billion. And just recently a Canadian insurance company lost close to $1 million because of a ransomware attack. A broader look into 10 countries puts the total cost due to ransomware attacks at a combined total of $169 billion. It truly isn’t just the cost of the ransom in these attacks that contribute to the large losses, but also the cost of downtime when businesses are hit and paralyzed. 

With all that said, it definitely pays to be alert about this mode of a cyberattack. If you’re worried that your computer or network has been hit by a ransomware attack, here are the signs to look for – along the way, we’ll also cover some need-to-know basics about ransomware. Let’s get started

But Wait, What is a Ransomware Attack and How Does it Happen?

Ransomware is a type of malware that can target a business, an establishment, or even an individual. The malware is designed to encrypt the target’s files or lock the user out of a device or browser. The attacker will then demand a ransom so that access will be restored. In some cases, the attacker will threaten to publish private data unless the ransom is paid. It’s also common for the ransom to increase if not paid after a set time – this is done to pressure the victim to pay immediately. 

Ransomware can take effect on a single device or an entire network where the device belongs. There are various ways that ransomware can infiltrate. Here are the most common (and effective) ones:

• Malicious attachments on an email
• Drive-by downloading from an infected website
• Unsecured remote access solutions
• Internet-facing services that are not protected by two-factor authentication

What Are The Signs of A Ransomware Attack?

1. Files are Encrypted and Cannot Be Opened 

One of the signs is you won’t be able to open your files. When you try to open a photo, document, video, or any type of file that’s affected by the ransomware, you will be notified by your computer that you cannot open the file. 

Windows would notify with a message like “ To open this file, Windows needs to know what program you want to use to open it. Windows can go online to look it up automatically, or you can manually select from a list of programs that are installed on your computer.” On Mac, the messaging would look something like “Search the App Store for an application that can open this document, or choose an existing application on your computer.”

You will continue to not be able to open the files unless the cybercriminal gives you the decryption key to restore access.

2. Files Are Encrypted and the Content is Scrambled 

Crypto is well-known ransomware that scrambles both the file name and the entire content of the file. The decryption key is only released when the ransom is paid and this is what unscrambles the file. So if you ever find that suddenly file names are scrambled, this is probably the kind of ransomware that has hit your device or network. 

3. You Are Locked Out of Your Computer 

A specific kind of ransomware known as “locker ransomware” will deny you access to your device. This kind of ransomware does not only target your files but your entire computer. Because you won’t be able to open the computer, it’s common for the ransom note to be displayed on a splash screen upon starting up the device. 

4. You Are Locked Out of Web Browser/s 

Sometimes, the ransomware will target the web browsers that you have on your device. Upon opening these web browsers, you will see a ransom note instructing you on how to pay the cybercriminals via Bitcoin so that they unlock your browser. 

5. You See a File Containing Instructions for the Payment of the Ransom 

If your computer or network has been infected with ransomware, the cybercriminal behind it will definitely leave you instructions on how to pay the ransom. Typically, ransoms are paid in bitcoin so that the hackers can maintain their anonymity. The hacker would typically leave the ransom note/s somewhere that’s easy to find. If you are locked out of your computer, the note might show on the screen. If files have been encrypted, a new file would have been made in a .txt or .html format with clear titles, usually beginning with an underscore. Here are some examples of what ransom note files would be titled as:

• HELP_DECRYPT.TXT
• DECRYPT_INSTRUCTIONS.TXT
• HOW_TO_DECRYPT_FILES.TXT
• READTHISNOW!!!.TXT
• FILESAREGONE.TXT
• YOUR_FILES.HTML
• HELP_DECYPRT_YOUR_FILES.HTML
• IHAVEYOURSECRET.KEY

What Do I Do If My Business Becomes a Victim of Ransomware?

Paying the ransom is recommended as a last resort. On the news, you will read about businesses or establishments that take this route, simply because they cannot afford any more downtime. For example, hospitals that have been denied access to their files or devices are likely to pay the ransom so that they can quickly resume operations and save lives. 

Paying the ransom, however, is risky because it means dealing with cybercriminals who may not even honour their own ransom note. Furthermore, it can make you a likely target of another ransomware attack because you have exposed that you can and will pay. 

If you want to learn more about what steps to take if you are a victim of a ransomware attack, check out this article.

 How Can Ransomware Attacks Be Prevented?

The well-known saying “an ounce of prevention is worth a pound of cure” definitely applies to ransomware. Because once you have this kind of malware on your device or network, it can be close to impossible to reverse its effects without paying the ransom. 

But by setting up Managed IT Services from a trusted provider like Integr8, you can stay one step ahead of cybercriminals and keep your business safe. Our Managed IT Services ensures your cybersecurity with a multiple-pronged approach – which can include: installing effective antivirus software on all workstations, ensuring local and cloud-based backups, improving email security, providing training for your employees, and more. 

If an attack does happen, Managed IT Services will detect it immediately and isolate an infected computer before the virus can take over the entire network. The best part is all this happens round the clock without slowing down your business processes. So take a step towards upgraded security – contact us today!