File encryption. How does this happen and what to do?

"Why didn't you tell me earlier?" - one of the common questions from clients, who contact us with encrypted files, and we tell them everything that is outlined in this article.

When a virus-encryptor (Virus-Encoder, Trojan-Encoder) infects a computer, it's hard to assess the degree of loss, as typically years of work are stored on the computer. Starting over is a catastrophic loss of time, energy, and money.

Such a virus generally does not affect system files. Most often, valuable user files are encrypted: documents, photographs, and, most unpleasantly, databases.
It is dangerous because there are few methods to fight the encryptor, not all antivirus programs can prevent infection, and, as a rule, files cannot be restored or decrypted independently. After infection, a message may appear on the screen demanding payment for a decryption key that will unlock the files. However, as practice shows, paying the attacker results in losing both money and information.

How does the virus encryptor get onto the computer?

Usually, the cause of such consequences is the careless actions of the user.

The most common ways a computer can get infected:

• Downloading and opening attachments from unknown senders, with subject lines such as "last invoice" or "please check the report" and "reconciliation documents" etc.
  
• Clicking on links in emails or messages from unknown senders
  
• Accidental (or not) clicks on pop-up advertisements
  
• Installing unlicensed software from untrusted websites
  
• Via unverified unknown external media
  
• Through the local network of the company, the virus can be transferred from another, already infected PC

What to do?

In this case, only preventive measures are needed..

9 methods, that anyone can apply and it will significantly reduce the probability of infection and the extent of damage:

• Backups save lives! Create backups of databases and necessary files on external storage, never use removable media for anything else or upload files to cloud(e.g., Google Drive).

Set a rule or a tradition in your company to make backups of important data every Friday, for example. If necessary, you can do this more frequently. 5 minutes of backing up protect your data, time and your nervous system.

• Install an ad blocker in your browser

This will partially protect you and your employees from accidental clicks, visiting fraudulent websites and downloading malicious software

• Install licensed antivirus software

Antivirus is not a cure-all. According to different sources, it protects in 20% of cases. But those 20% are necessary for the protection of each of us.

• We recommend installing operating system updates

Microsoft releases security updates quite frequently. Before updating the OS, make sure to create backups.

• Do not click on links from unknown senders and do not open attachments from emails you weren't expecting.

Malicious content can be contained in any attachment - doc, docx, xls, xlsx, rtf. It is not uncommon for spam-emails to be sent from so-called governmental structures.

• Do not install software from unknown websites or untrusted sources

The temptation to install pirated software with an activator often leads to tragic consequences, because hackers can insert malicious code into the license generator.

• Do not plug in unknown flash drives, external disks

Work only with your own storage devices. And if you use external storage for servers and archival file storage, don't use it for anything else.

• Do not work under an Administrator account

Administrator accounts allow actions with high priority and to run malicious programs often without any warning.
A server is not for internet-surfing

If possible to avoid using the browser on the server, where the database is stored- it's better to do so. If you don't download anything from the internet on the server, can you guarantee that your employee won't do it instead?