Bryley Basics: How ransomware (Crypto Locker) makes backups more critical

Ransomware – usually Crypto Locker and its variants – is a form of cyber-malware based on encryption software that seeks payment (ransom) to undo the damage; when infected, the malware typically encrypts all data files, rendering them useless until the ransom is paid.  (Encryption software scrambles a files’ contents and creates an encryption key, essentially a code used to reverse the process.  Unless you have this key and the encryption software, the files remain unreadable.)

Hiawatha Bray of the Boston Globe recently reported a ransomware infection at the Tewksbury Police Department; after repeated attempts to decrypt, the Chief of Police paid the ransom.

Other than paying the ransom, which is risky and not recommended since it potentially makes you more of a target in the future, the only way to thwart ransomware is by restoring the corrupted files through a backup that was created before the infection.

A properly planned and implemented backup process is vital since data stored on a network server represents many hours of effort over time, making it impractical and usually impossible to recreate.  A properly functioning, multi-point-in-time backup is necessary to provide restoration under these and other scenarios:

  • A server fails
  • A file is deleted
  • A template is written over
  • An application upgrade fails and must be restored
  • A document is inadvertently changed and saved by a user

A backup should be a complete, recoverable copy of not just data, but the entire server/network environment.  It should have these properties:

  • Sequenced over many days
  • Complete image
  • Offsite storage

For information on backups, visit our Data-Backup Guidelines.

Winner of the FourStar Connections case-study contest

AS of Preserve, Inc. won our Fourstar Connections case-study contest; she correctly answered the three questions, submitted her entry online, and won a $25 VISA gift-card.

Recommended Practices: How to update technology

This is a multi-part series on recommended IT practices for organizations and their end-users.  Additional parts will be included in upcoming newsletters.

The psychological impact of an IT upgrade is significant:  Most employees are excited to receive new equipment (larger monitor, faster PC, better tablet), but often balk at a significant change – like introducing a new version of Microsoft Office – since their daily, tried-and-tested routines might shift, and not always for the better.  Also, these changes could impact their ability to get things done, even if for just a few hours during the cut-over.

In general, various groups involved might have different perspectives:

  • CEOs and C-level executives see IT as an influential asset that should increase operational efficiencies or provide a competitive advantage – either through data analytics or by enhancing the customer experience – but they don’t want the pace of technological change to inhibit growth.1
  • Professionals might be more willing to accept the changes (and the pain) that go with new technology, particularly if they see how these changes will help them succeed in their roles within the organization.
  • Middle management wants things to work the first time, every time. They are glad to have new equipment, but are concerned with keeping their direct reports functional and happy.
  • Office workers have the most to gain (or lose); some might be excited by the prospect of bigger-better-newer, but none want to lose what they had, whether it was an icon pointing to a specific file on their desktop or an older, label-printing application. To many, IT can be confusing and frustrating.
  • Line workers view technology primarily as a tool; when it is broken, replace it, but make sure the new one works the same as the old one or show me how to use the new one.

The strategic objectives of an organization also play a role in the process:

  • A growing organization will want improvement, but with a strong emphasis on planning to ensure that the direction taken is suitable, now, into the near future, and beyond.
  • A stable, slow-growing organization might focus more on replacement rather than on change, preferring to avoid the pain of a significant upgrade.

Typically, the management team develops the technology plan, either internally or with an IT partner like Bryley Systems.  (See how we helped Fourstar Connections through our Virtual CTO service.)  Needs filter up through the organization, typically during the budgeting process.  The implementation then filters down through the organization.

For technology planning and implementation, we recommend these steps:2

  • Define needs and requirements
  • Assess and select
  • Implement
  • Train

Define needs and requirements

Identify what you have before you decide what you need; a full inventory of all IT assets can remove the guesswork and point-out critical issues.  (We use Kaseya, our remote-monitoring-and-management tool, to inventory existing clients.  We also use Network Detective from Rapid File Tools to audit and assess new clients.)

Knowing what you need simplifies the decision and timing; having a good handle on where the organization is now and where it is going is critical, but also defining what constitutes success, and how to measure it, are important.

Consider these needs from the context of the different groups above; try to permit these groups to define their individual requirements within the overall plan.

Requirements can be as simple as counting new PCs or as complex as determining the best-fit solution to permit a quick recovery after a disaster.  Requirements should be recorded, categorized, prioritized, and then monetized.

Assess and select

We at Bryley Systems tend to err on the side of caution; we’re rarely early adopters and we don’t want to be far in front of the pack, but we do try to keep up with the well-tested tools and hardware that will improve our efficiency, particularly when this technology impacts our clients.

We also favor these technology-selection principles:

  • Business-grade (rather than consumer-class) equipment and software,
  • Well-known, USA-based manufacturers with time-tested credentials,
  • Available updates and ongoing support, and
  • Green and ergonomic (where appropriate).

Price should not be the overriding selection factor; a long-term investment should consider all impactful areas, including:

  • Going Green
  • Length of service

Going Green

In technology, going Green is mostly about reducing energy consumption:

  • Virtualization techniques can cut energy costs by efficiently using on-premise servers to house multiple platforms, both for server-based applications and for end-user access.
  • Tablets, Ultrabooks, and small-footprint PCs with SSD drives consume less electricity than traditional PCs with internal fans and moving parts.
  • Inkjet printers use significantly less energy than laser printers.

However, other Green factors can also apply:

  • Printers that print two-sided (duplex), reduce costs and paper use.
  • Multi-purpose printers that fax, copy, and scan increase efficiency.
  • Fewer components, each with higher value, simplify recycling.

Length of Service

Most technology decisions have a span of three to five years; newer, virtualized platforms and Cloud-based options can be significantly longer.  Due to the rapid pace of change, planning horizons are typically only a few years, but consideration should be given to the longer term.

Implement

Implementations work best with planning and preparation; knowing what to expect and being prepared to deal with anomalies can shorten deployment time and minimize user disruption.

A solid, reliable series of backups should be completed and verified before starting.

We try to schedule our automated deployments to occur overnight or over the weekend, often arriving early the next business day to sort-out any issues.

Train

Often overlooked and usually under-budgeted, training should be considered, particularly when deploying a software change that introduces a new interface to the end-users.

Training often occurs during implementation, usually by the implementer showing the end-user what is new.  However, pre-implementation training on any new technology platform will facilitate a successful transition.

For large-scale deployments of new technology, we recommend initial group sessions followed by refresher courses for those greatly impacted.

Sources:

  1. Dennis McCafferty of CIO Insight What CEOs expect from IT investment on 4/17/2015.
  2. Brian J. Nichelson, PhD, of About Money Keeping up with Technology – Four Steps and some Resources, undated.
  3. Susan Ward of About Money Information Technology Makeover, undated.

Anna D achieves Microsoft Sales Specialist

ad16Anna D, Account Executive at Bryley Systems, successfully completed the training and testing to become a Microsoft Specialist for SMB Infrastructure.

Congratulations Anna!