WannaCry hit the world-wide scene a few days ago with catastrophic results for some. For those not familiar with WannaCry its basically a virus that affects computer systems by password encrypting data files and locking data owners out of their data. It affected individuals as well as businesses and agencies. Even hospitals were attacked.
The scam works this way, the virus encrypts the files on the system. When the user tries to access their data they get a message that tells them the files are encrypted and that they have to pay to get a password to decrypt the files. To make matters somewhat worse, a timer starts that gives the data owners a limited amount of time to pay before the data is locked forever. Very frustrating.
I had a similar experience a couple of years ago. I got up one morning and jumped on my computer to start the day’s work. To my surprise EVERYTHING was encrypted. Data, code, photos, videos…everything. For a split-second I panicked. Then my training kicked in.
I went to my server and deleted all the encrypted data. I ran a virus scan using the latest update of my virus scanner and accepted the results. I then went to my prior days’ backup and restored the data to the server. I was out of commission for approximately 3 hours.
Some would say it was a daring move to delete the encrypted data before restoring the backup. Fact is, I restore a backup on a monthly basis to test the quality of my backups and my restoration process. It’s the only way to know for sure the backup process works. So before this or the next WannaCry is unleased on your data please make sure you test your backup AND recovery process. Otherwise this malware may hold true to it’s name and make you WannaCry.
ACTION ITEMS:
- Apply Windows Updates and keep them current.
- Keep your anti-virus protection up to date and active.
- Don’t accept email or chats from unknown entities.
- Do your backups daily.
- Periodically restore a backup to test your process.
Recent Comments