9 things you need to know about ransomeware

August 8, 2016

Ransomware, or cryptoviruses, are a type of computer virus that infect your computers and lock your critical data files. The following is a short FAQ about these viruses and why you need to worry.

It’s impossible to read the news online and not hear about a new class of computer viruses called ransomware. These are a very nasty type of virus that can devastate a practice.

The following is a short FAQ about these viruses and why you need to worry.

What is ransomware?

Ransomware, or cryptoviruses, are a type of computer virus that infect your computers and lock your critical data files. Typically, you know that you are infected because when you try to open a file, a screen will pop up and inform you that your files are locked and that if you are willing to pay a “ransom,” the perpetrators will provide you with a key to unlock your files. The files are encrypted with a very high level of encryption.

Related reading: 4 things you need to know about the dangers of ransomware

How do I get infected?

Opening an email attachment from an unknown source has always been the main method of infection, but there are more and more cases of people getting viruses just by visiting infected websites or other means.

Can I unlock the files myself?

Basically… no. There are some older types of cryptoviruses that have been broken, but most cannot be unlocked without the key. Trying to brute force the password would take over one billion years, even with a supercomputer!

Related reading: How to protect your dental EHRs from cyber attacks

If I pay the ransom with a credit card, can’t I just dispute the charge afterward?

I wish it were that easy. Almost all ransomware requires payment in an electronic currency called Bitcoin. This currency is untraceable back to the recipient, which is why it’s so popular.

How much will I need to pay?

I’ve seen ransoms from as little as $300 to high as $2100. Your mileage may vary.

 

Continue to page two to learn what happens if you refuse to pay the ransom...

 

 

If I pay the ransom, am I guaranteed to get the unlock code?

Nope! Once the thieves have your money, which is untraceable, you are still at their mercy. Most will provide the code; if word were to spread that the ransomware perpetrators were not providing the keys, less and less people would pay the ransom, that would defeat their business model.

Related reading: Dental practices targeted by cyber ransom attacks

What if I don’t want to pay the ransom?

Your best, last line of defense is to restore from a backup. The backup system we use for our clients, DataProtect, encrypts the backup, and I’m not aware of any cryptovirus that can attack an encrypted backup file. That being said, you need to consider the time and energy needed to restore from what could possibly be data from the previous day vs. just paying the ransom and being done with it. There’s no easy answer here.

Once I remove the virus and get my data back, I’m done, right?

Unfortuantely, no. The Office of Civil Rights has recently clarified that if you are infected with ransomware, you have suffered a breach and must now follow the Breach Notification protocols which includes sending a letter to every patient. Told you these viruses are nasty!

Related reading: 4 crucial steps for dealing with a data breach in the dental practice

Can I prevent an infection from happening?

Yes. While restoring a backup is often your last line of defense, in my opinion, the best defense is making sure you never get the virus in the first place. You should review email and website best practices with everyone in the office. There are specific software programs, like Cryptoprevent and Hitman Pro, which specifically protect against these viruses, and are very inexpensive and easy to install.

If you are hit with a ransomware virus, feel free to call my office at 866.204.3398 to discuss your options.