Your First Step: Do You Have Ransomware? If So, What Kind?

Widespread ransomware viruses include: Xorist, CryptorBit, CryptoLocker, Locky (often targeted at hospitals) and Samas.

You may need a ransomware removal tool if your computer shows a threatening message such as:

· “Your computer has been infected with a virus. Click here to resolve the issue.”

· “Your computer was used to visit websites with illegal content. To unlock your computer, you must pay a $100 fine.”

· “All files on your computer have been encrypted. You must pay this ransom within 72 hours to regain access to your data.”

Microsoft has a good resource describing what ransomware looks like, along with a ransomware removal tool. Visit here

If you think you've got ransomware, visit the official US CERT ransomware page here

Ransomware Infographic


Saturday, April 30, 2016

New FBI Recommendations on Ransomware Response, Ransomware Removal and Ransomware Prevention


Don't pay a ransom, urges the FBI. “Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals,” says an FBI official.

Instead, the FBI recommends better ransomware prevention, such as employee training (pay special attention to spear phishing) and technical prevention tools, along with a good business continuity plan.
See the April 2016 update here

Friday, April 29, 2016

Ransomware Hits Michigan Utility

"Recently, the American public utility Lansing Board of Water & Light (BWL) has announced that the company has become a victim of Ransomware attack that knocked the utility's internal computer systems offline," reports Hacker News here

The FBI is assisting the utility, which says none of its 96,000 customers has lost personal information in the attack. Authorities have not revealed the specific type of ransomware or the ransomware removal tool, if any, involved in the response.

Ransomware Responses
