Ransomware Myrtle Beach

Why Backups Aren’t Enough

Perfect backups will not always prevent the consequences of a ransomware attack, but backing up is vitally important.


The Problem with Ransomware:

A high-profile ransomware attack hit a well-known transportation agency over a recent holiday weekend. This attack was a major eye-opening event, to say the least. For the first time, a major transportation agency has been shut down by a ransomware attack. To give you a few details, they estimated that approximately 900 of the computers in this agency were affected. They were using backups, which gave them the ability to restore their data with no intention of paying the ransom, so one would assume all was well. Not exactly…

The transportation agency’s use of backups prevented them from losing all their customer and internal data. The use of a simple backup prevented a major catastrophe for this agency. Without the backups, they would have been faced with paying the ransom or with heavy financial losses. It took approximately 2 to 3 days for most of the computers to be restored, and the rest followed within the week. A large portion of their workforce was inaccessible for several days and some parts were down for almost an entire week.

The inability to work, and to work properly, costs any business money and valuable resources. With the transportation agency’s computers inaccessible, they had to shut down the terminals and payment systems, allowing the public to ride the metro for free. Many local articles stated that the outage was costing the agency $500K for every day the systems were down. This ransomware attack cost the transportation agency over a million dollars in the time they were down and not running. Backing up a system can save data and is very important, but many times it is not quick enough to get you back online without losing valuable time.

The Solution:

The story of the transportation agency demonstrates the vital importance of prevention when it comes to ransomware attacks. To eliminate this problem before it begins, it’s important to put your emphasis on prevention instead of detection and recovery. We believe that prevention is the only way to protect your business investment, and that is why we use global application whitelisting. Whitelisting allows you to avoid organized and targeted attacks because unknowns are always blocked, no matter how new they are. We have no way of knowing what antivirus protection the agency was using, but even with their backups they suffered huge financial losses due to downtime.

Prevention is key!  If you have any questions about ransomware attacks and how to keep your business protected, please give us a call at 843-282-2222 TODAY!

To Activate or To Cancel: The Flash Play Malware Conundrum

Before you suffer Hamlet-esque paralysis by analysis, we want to warn you about a Trojan that is currently targeting Android users around the world. This especially insidious malware doesn’t care how long you look before you leap because you are darned if you activate or darned if you cancel.


Gotcha!

Once the app appears on your Android device, it doesn’t matter what you do. You’ve already been had. Taking the form of an Adobe Flash Player app, a typical-looking but counterfeit pop-up appears on your device and displays the options of “Activate Device Administrator” or “Cancel.”

If an unsuspecting user chooses “Activate,” the pop-up screen disappears, but the Trojan activates in the background and effectively gains total administrative rights on the device. Obviously, “Activate” would not be the wise choice.

The Obvious Answer is Wrong

Based on what we have shared so far, the obvious response would be to “Cancel.” Wrong. The “Cancel” option is another cleverly devised “Gotcha!” In fact, it may prove to be more frustrating than choosing “Activate.”

When you choose “Cancel” the pop-up screen disappears – just like you would expect it to. Momentarily. Then it reappears. No matter how many times you click “Cancel,” the pop-up keeps popping up. It won’t go away until you choose “Activate.”

But, Wait! There’s More!

A good criminal (Look folks! An oxymoron!) always has a backup plan. In this case, the malware has its own deletion prevention system built in. Imagine a bunch of cyber-thugs certified in virtual martial arts. This malware will not go away simply because you want it to, and it already anticipates what you will do to get rid of it.

Houston, We Have a Problem

Like the Apollo 13 astronauts, we can be thankful that there is a way. It may look like duct tape and baling wire, but who doesn’t love duct tape?

The Trojan can be manually removed by going to: Settings > Security > Device Administrators > Google Play Services > Deactivate. Once the administrative rights are deactivated, the user can find the Flash Player update and delete it.

The moral of the story is that sometimes you get stuck between a rock and a hard place. Often, there seems to be no way out. Sometimes the way out is not evident or easy. At Tech Sentry, it is our mission to protect you wherever we can and to rescue you when you need us. Contact us today to learn how we can help.