Posts

Malware Removal

Malware Removal (& Ransomware off course)

The information technology industry has for some time now recognized the need for Malware and Ransomware protection, in the form of tools, software, best-practices, and backup. Malware removal – in particular is recently becoming a hot topic with IT pros.

Malware RemovalAnti-virus software firms, and anti-Ransomware detection & removal institutions have long sought to counter this threat to business continuity, in a joint effort to protect, and defend by cyber security methodology.

Surprisingly, in an out of the blue announcement the FBI releases what appears to be a free ‘do-it-yourself’ solution for companies attached by a vicious Ransom virus – GandCrab: “FBI Releases Master Decryption Keys for GandCrab Ransomware.

 Apparently, the FBI has shared this with multiple European agencies in an effort to combat an ultra threatening virus, which makes this a 1st in cyber anti-crime global cooperation.

The full code & story is shared here: www.bleepingcomputer.com 

 

What is GandCrab?

GandCrab operates using a ransomware-as-a-service (RaaS) business model, selling the right to distribute the malware to affiliates in exchange for 40% of the ransoms. GandCrab was first observed in January 2018 infecting South Korean companies, but GandCrab campaigns quickly expanded globally to include US victims in early 2018, impacting at least 8 critical infrastructure sectors. As a result, GandCrab rapidly rose to become the most prominent affiliate-based ransomware, and was estimated to hold 50% of the ransomware market share by mid-2018. Experts estimate GandCrab infected over 500,000 victims worldwide, causing losses in excess of $300 million.”

Its never too late!

Alternatively, some CIOs conduct preemptive measures to recover from such disasters, by backing up on alternate data centers, such as Amazon AWS (which differ from their business solutions data centers on Azure or Google), and gain the ability to restore from any point in time, any user or their whole MS exchange data, into a new cloud solution installation.

It makes sense to backup on cloud, and for the initial 14 days its completely free to fully try out the capabilities of a backup & restore solution such as CloudAlly.com provides.

Malware Restore

Malware Watch – Restoring from a Malware Incident

Malware Restore – IT managers are often faced with information technology incidents which alter their work environment, and affect their on-going operations, causing them to take measures which restore daily business activity.

Such incidents (where malware restore is necessary) are often ex-organisational and pose a serious concern for business continuity.

Malware activity is such an incident, but what is Malware?  The classic Wikipedia description of Malware is: ” Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. Malware does the damage after it is implanted or introduced in some way into a target’s computer and can take the form of executable code, scripts, active content, and other software. ”

Malware Restore

In a recent real incident a US Florida town decided to pay malicious hackers $600,000 (£475,000) to get its computers working again.  Malicious hackers managed to break into this US town’s computers, and insert a Malware code, which enabled them to disable IT operations until the ransom was paid.

In this case payment was made by Bitcoin, 65 Bitcons, in return for a return to normal IT operations.  This story was recently reported by the BBC Florida town pays $600,000 virus ransom.

It might seem so but this is not an isolated event, news & media organisations such as Associated Press have reported that in 2018, 1,493 such ransomware attacks occurred, resulting in an estimated payout of $3.6m for hackers.

Cyber security firms are a proven resource for trying to stop such incidents before they happen, but more and more its become recognized that 3rd party cloud to cloud backup is an effective recourse to restore data in main business solutions such as Office 365 email exchange, G Suite, Salesforce.com, etc.  Companies which backup their cloud business solutions, are able to restore their data, and setup IT operations again (on a new IT environment), avoiding ransom payments to hackers who wish to disrupt their business and gain from such activity.

Data Protection – Malware Restore

In order to enable a point-in-time restore, its obviously necessary to start by activating a backup for the selected business solution.  Click Here to download our why backup eGuide.

If you’ve experienced such a Malware incidents, and want to learn more about backup, email us.