Posts

Windows users are often the victims of ransomware attacks. For example, in 2017, WannaCry and Petya ransomware infected hundreds of thousands of Windows PCs around the world. Unfortunately, ransomware strains that specifically target Macs are expected to grow in number as well. If you have a Mac, follow the security best practices below to avoid getting infected.

What is ransomware?

Ransomware is a type of malicious software that holds computer systems hostage via encryption until a ransom is paid. Attackers typically threaten to release the encrypted information to the public or destroy sensitive data if victims don’t pay within a certain deadline. Healthcare and finance organizations, in particular, are more likely to pay the ransom because these organizations tend to be worth a lot of money and have many valuable assets, and can’t afford to lose access to their critical data.

As its name suggests, Mac ransomware is simply ransomware that targets Mac desktops and laptops. And just like other types of ransomware, it is typically distributed via phishing emails.

Types of Mac ransomware

In 2016, the KeRanger ransomware was distributed through the popular BitTorrent app Transmission. KeRanger was signed with an authorized security certificate, allowing it to evade macOS’s built-in security measures and infect more than 7,000 Mac computers.

Meanwhile, the Mac ransomware strain Patcher was discovered in 2017. It disguised itself as a patching app for programs like Microsoft Office. When launched, Patcher would encrypt files in user directories and ask for a Bitcoin ransom. But the ransomware was poorly built, so there was no way to retrieve the decryption key once the ransom was paid.

In 2019, the EvilQuest ransomware encrypted files and forced victims into paying a Bitcoin ransom. Much like Patcher, however, there was no decryption key, leaving those who paid the ransom with nothing.

Ransomware attacks like these can make a resurgence at any time, which is why you need to be prepared in case of an attack.

An ounce of prevention goes a long way

Preventive measures are the best way to keep your Macs safe from ransomware. This involves installing only programs from the official App Store and the latest software patches to defend against the latest threats.

Since phishing emails are the usual delivery method of ransomware, be wary of suspicious links and email attachments. Always be on alert even if the email appears to come from a legitimate company or someone you know.

You must also maintain offline backups and have a disaster recovery plan to keep your business running in the event that ransomware successfully infiltrates your systems.

Responding to ransomware

If your Mac is infected with ransomware, do not pay the ransom fee, as there’s no guarantee that hackers will provide a decryption key and release your data. Instead, use an up-to-date anti-malware program to remove ransomware from your computer. There are also free ransomware decryption tools online that you can use to remove the infection.

If these tools don’t work, contain the spread of the ransomware by disconnecting from the network. Afterwards, run data recovery procedures and immediately seek the help of our cybersecurity experts. We stay abreast of the latest Mac security threats and know just how to keep your business safe.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Although a majority of ransomware attacks usually target Windows PCs, this doesn’t mean Mac users are completely safe. Ransomware attacks for Macs have occurred before, and are growing more widespread over time. So how can you prevent ransomware from infecting your Mac? We’ve compiled some helpful security tips for you.

What is Mac ransomware?

Ransomware is a type of malicious software that holds computer systems hostage until a ransom is paid in gift cards, or cryptocurrency like Bitcoin or Ethereum. It’s typically distributed using phishing emails, but it can also spread via unsecured networks.

When Macs are infected by ransomware, users won’t be able to access their data since it’s encrypted. Ransomware messages may also threaten to release the information to the public or destroy sensitive data if victims don’t pay within a certain deadline. Healthcare and finance organizations, in particular, are more likely to pay the ransom because these organizations tend to have a lot of valuable assets, including money, and can’t afford to lose access to their critical data.

Types of Mac ransomware

In 2016, the KeRanger ransomware was distributed through the popular BitTorrent app Transmission. KeRanger was signed with an authorized security certificate, allowing it to evade macOS’s built-in security measures and infect more than 7,000 Mac computers.

Patcher was another strain of Mac ransomware that was discovered in 2017. This type of ransomware disguised itself as a patching app for programs like Microsoft Office. When launched, Patcher would encrypt files in user directories and ask for a ransom paid in Bitcoin. But the ransomware was poorly built, so there was no way to retrieve the decryption key once the ransom was paid.

In 2019, the EvilQuest ransomware encrypted files and tried to trick users into paying a Bitcoin ransom. Much like Patcher, however, there was no feature to decrypt files after paying, leaving those who paid the ransom with nothing.

Ransomware attacks like these can make a resurgence at any time, which is why you need to be prepared in case of an attack.

An ounce of prevention goes a long way

Preventive measures are the best way to keep your Macs safe from ransomware. This involves updating your software regularly to defend against the latest threats and only installing programs from the official App Store.

Since ransomware initially infects computers using phishing emails, make sure to avoid suspicious links and email attachments. Always be on alert even if the email appears to come from a legitimate company or someone you know.

You must also maintain offline backups and have a disaster recovery plan to keep your business running in the off chance that ransomware successfully infiltrates your systems.

Responding to ransomware

If your Mac is infected with ransomware, do not pay the ransom fee, as there’s no guarantee that hackers will provide a decryption key and release your data even if you give in to their demands.

Instead, use an up-to-date anti-malware program to remove ransomware from your computer. Cybersecurity experts may also release free ransomware decryptor tools to remove the infection, so keep an eye out for these on the internet. If these programs and tools don’t work, contain the spread of the ransomware by disconnecting from the network and run data recovery procedures, provided you’ve backed up your data in an external hard drive or the cloud.

Mac ransomware attacks may not be common, but they still pose a great threat to your business. If you need more guidance, contact our team of security experts today. We stay abreast of the latest Mac security threats and know just how to keep your business safe.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE