Ransomware

Ransomware - 2017.

NHS et all.

Last year we issued a general comment/warning about Ransomware and recent problems at NHS sites and world wide make it worth reiterating and updating.

Users of Windows XP have been particularly vulnerable to this attack (May 2017) because that system is no longer updated for free to protect against weaknesses discovered in the system. Since those systems are 10-15 years old this is not surprising and really they should be replaced by newer systems and at least not connected to the internet or a network connected to the internet.

 Ransomware - what is it ?

Ransomware is a relatively new form of malicious software that tries to prevent you accessing your data and demands a ransom to allow you access. Some versions try to lock your computer others encrypt your data in a way that is often effectively unbreakable even by experts. Paying the ransom does not necessarily get your data back and will of course help the malicious software writers.

SuperView is no more vulnerable than any other software however the designs you create with it are presumably valuable to you and your business - those designs can be attacked!

Superview uses a file format that may not be recognised as valuable but do NOT rely on this as a protection.

Protection

Like malicious software in general there is no single simple answer and the software may well change to try and work round any "solution". The following are a few basic pointers and cant cover every eventuality.

Backups

Both to help protect against Ransomware and to protect against other problems (hardware failure, office fires etc.) you should always have and use a backup procedure.

You should take frequent backups that are stored separately from your day-to-day data. Also backups should be discrete (i.e. each is complete) as sometimes you will not realise some of your data is encrypted/corrupt until some time later. So you need a "history" of backups. Be careful with online backup systems as these do not always allow you to go back as far as you might need to!

Remember the malicious software may well attack the backup files themselves!

Therefore the backups should be offline (ie not connected electronically to the computer) and when you do connect ensure the older backups are not exposed to corruption.

Users Behaviour

Many malicious software "systems" rely on users running software or infected "documents" to "install" their software. The techniques are so varied that we can not cover them here but certainly do not download or run any software or documents from an email/website unless you are very confident about that "link". Remember it is possible for an email to appear to come from a "known source" when it does not. So if you are not expecting that "link" even if you "trust" the source do not open it!

Protection Software

Obviously companies that sell anti-virus and web safety software will try to update their products to mitigate against these threats. So an up to date package would seem advisable and ensure it is kept updated.

As this attack in May 2017 has shown it is also important to ensure your operating system is up to date with service packs applied. Most modern versions of Windows have an automatic update mechanism so please ensure this is working.

Folder Protection.

Some protection (anti-virus) software tries to prevent files in important folders being attacked. These often include the folders SuperView uses  (eg Public Documents) but please check your individual setup of both the protection software and SuperView.

This protection method may however prevent SuperView accessing its design folders and files. If you get "access denied" error messages when trying to save a design or picture etc this maybe the cause.

Do not disable the protection instead add the SuperView program(s) to the allowed list that the protection software keeps. The exact technique varies depending on software package so please search the protection software's web site for guidance.

The Future

Ransomware software is unlikely to go away but may well change in nature and possibly become more complex (eg infect backups first then later attack the actual files).

Other hardware

Your business computers may be running Microsoft's Windows but your phones probably are not and your Smart home TV definitely is not!

In theory these are all vulnerable and if one device is infected any device that then connects to it can then spread it to other devices.

 In theory it is possible for a Smart TV at home to infect the work laptop you also connect to your Home WiFi that then infects your work machines! This is a complex scenario and is currently not common but the potential is there!

Disclaimer

The above are general hints and we can not cover all issues in a short document like this. If your data is vital to your business you should consider using a consultant to check your setups and systems. Backups and up to date software will help but nothing can carry a 100% guarantee.