Ask A Wizard: How Does Ransomware Get Into My Computer?

Bit-Wizards is committed to helping you better understand the complex IT topics, problems and solutions that can impact your business in 2022. This Ask a Wizard series covers information meant to benefit the business community.  

Q: How does ransomware get into my computer?  

Ask A Wizard: Jason Monroe

A: It seems that ransomware is in the news almost daily. We often read about unfortunate companies infected by some hacker group in Russia or China, and we are blown away by the staggering ransom demanded. But what you might not hear about are the smaller businesses impacted by ransomware. Yes, those infections are increasing, and it can happen to you.  

So how does ransomware get into a computer? In short, through email. Most commonly, ransomware gets into your computer through a shotgun-style email blast with a link from an address you are likely to click on (say Amazon). The actual email is not from Amazon, but the email address is engineered to look identical. When you click a link in that email, it downloads a small program that quietly starts to encrypt your data. Now your computer is infected, but it’s not over.  

Once your computer is infected, the ransomware starts to spread. It hitches a ride in an email that includes an infected document or to your connected cloud drive. With ransomware, you have very little recourse. You may have a non-infected backup you can use (very smart), you may have to pay the ransom, or you may have to start over. 

The ransomware is intelligent and subtle at first. You don’t even recognize it is there and preparing to unleash havoc. Finally, the ransomware reveals itself and demands thousands of dollars. At this point, every computer and possibly your backups are encrypted. 

Protecting yourself and your business from ransomware on your own is possible, but it will take some dedicated work on your end. Some of the low-hanging items you can immediately address are things such as subscribing to a professional business email service, such as Office 365, and implementing an Advanced Threat Protection service that will scan each email and document. The combination of professional business email and Advanced Threat Protection will automate the protection of emails and documents coming into your business. 

Another priority for protecting yourself and your business is with a robust backup solution, and no, we’re not talking about an external hard drive that backs up your computer every night. A robust backup solution includes rolling backups from multiple days that are stored in a combination format, such as an external hard drive and a cloud backup solution. With this combination, you’ll be able to feel more secure, but you’re not bulletproof.