Ransomware affects cloud applications just as much as it affects local ones. This means that even if you got your cloud storage protected, it’s still not entirely safe. How come it is not safe? What will you do when you become a victim of ransomware? How do you protect your drive from it? Find out more in this video.
Pete discusses what to do if your files are infected with the CryptoLocker virus and how to protect your Google Drive from any viruses.
To learn more about our Cloud Support Service, or schedule an IT Systems Check, contact itGenius - the Google Workspace Experts
CryptoLocker viruses can easily compromise your files from simple actions, such as clicking on a link or downloading an email attachment. It spreads across all your data and starts to encrypt targeted files, leaving you with no choice but to “ransom” it. If you’ve automatically synced files to your Google Drive, then the uploaded data is now infected with ransomware.
When this happens, restoring your files may not always be easy, as the only way is going back to the revision history in your drive and work on it one by one. There’s no point in time restoration and you need to manually go through all the file revisions.
To ensure that this does not happen to you, here are a few simple steps:
- Secure a local antivirus and do not rely on default computer antivirus.
- Have a cloud disaster-recovery software that allows restoring files to a point in time.
Is Google Vault supposed to save a copy of your files that you can restore? Yes, it still allows you to save a copy of your emails and files for archiving purposes, but it is not designed as a disaster-recovery application.
How can we help you? The top two steps are available for free when you sign up with any of our Cloud Concierge support services. We manage your daily IT tasks, like maintaining your G Suite accounts, setting up users, domain name registration, antivirus, and disaster recovery, so your business is not at risk with ransomware attacks.
Transcription:
Hi there. My name is Peter Moriarty and today I'm covering off what to do if you've been infected with a CryptoLocker virus inside your Google Drive.
If you don't know us, itGenius is a startup and small business IT consultancy with service businesses all over the world and we've helped literally thousands of small business owners with their technology and we focus on G Suite and the Google Cloud suite of applications. We're the number one small business partner for Google in Australia, which is pretty cool, and we have thousands of customers who rely on us for their IT support. From time to time we see customers who run into a bit of a pickle and they've got a CryptoLocker or Ransomware it's called, infected inside their Google Drive. It probably started on one of your computers and encrypted all of the files on your computer and you know what a CryptoLocker virus is, these are the kinds of things that encrypt all your files and then you get stuck. You have to pay somebody a Bitcoin to decrypt them, it doesn't always work, it's not always guaranteed. And in the meantime, you're basically left to ransom without access to any of your business files.
This is obviously a bad situation and if you're in that situation right now, fear not there is help and there are ways that we can get things resolved, but it's not always pretty. So, if you're in this situation right now, you've got your business lockdown. What's probably first happened is you've opened an email, you've clicked on a website or someone sent you a file, which has then infected your machine. So if you're on a Mac or a Windows machine, step number one is to actually isolate that and completely clean things up. So if you've still got your Google Drive connected to that computer, sign out right now, that will stop any more synchronization from happening if this fire still exists on your computer. You definitely want to work with an IT professional to actually clear that out. And most professionals recommend a clean slate wipe of the machine so there is absolutely no way that it can get back on there.
The next question is how do you go about restoring Google Drive? What do we do there? Unfortunately, the only way to get those files back is to work with the version history of Google Drive and one by one restore each one of those files. It's not a pretty process and you have to do it individually because there's just no other way to bring those back. Google doesn’t have a point in time restore in Google Drive, and so that means that each individual file you need to open the file, go to version history and restore it to another version. You may have tens, thousands, even hundreds of thousands of files that need to be restored and this can be a pretty crazy time-consuming process. If that's not something that you'd like to do yourself, then we have a service where we can actually help make that happen for you.
Now I want to talk a little bit about prevention and what you should be doing to make sure that this doesn't happen to you. If I've just scared the crap out of you around how you may have your business brought to a standstill by being infected with Ransomware or CryptoLocker, you really need to pay attention to make sure that you take these critical steps so that you won't be affected by this happening. Step number one is to make sure that your computers are secure with local antivirus. Yes, computers are self-updating and they do most of the maintenance themselves these days and there is a basic antivirus built into Windows these days, but it's not always effective in stopping different variants of Ransomware or CryptoLocker. There are solutions that we recommend, and I'll cover some of those off later in this video, but you need to make sure that you have that antivirus installed on your machine so your local computer is protected. That is your first line of defense.
The second thing you need to do is you need to make sure you have cloud disaster recovery software and that backup disaster recovery software is going to allow you to restore your Google Drive to a point in time if anything ever goes wrong with that. Those two steps are the best way of defending yourself against Ransomware or CryptoLocker holding your files hostage. Now you might ask, Peter, well, what about Google Vault? Isn't Google Vault supposed to save all of my files and save a copy of them so if anything ever goes wrong in the business, then we've still got a copy inside of the vault? Well, Google Vault is still definitely useful for business owners because it allows you to have a copy of any email or any file that's going in or out of the business and keep that in a safe location inside the vault.
However, Google Vault will only allow you to still restore files one by one. It's not really designed to be a backup and recovery solution, it's more an eDiscovery solution, that's the technical term for it, and what that means is it's more for archiving and not necessarily for backup restoration and disaster recovery.
So, a quick recap of the two things that you need to do. Number one is to have cloud antivirus on your machine and that cloud antivirus should be specifically tailored to Ransomware or to stopping CryptoLocker viruses. Secondly, you should have a cloud disaster recovery software that will allow you to restore your Google Drive to a point in time. Now both of these are available for free when you sign up for one of our Cloud Concierge plans. Cloud Concierge is a small business G Suite support service which allows you to not only have us take care of day-to-day low-value tasks, like maintaining your G Suite account, setting up new users, archiving users when they leave your business, but we also manage everything that you need to take care of small business IT. That means any virus, that means domain name registration, that means the basics like having backup and disaster recovery so you are not at risk if something like this happens for your business.
The next step in securing your account from the risk of a CryptoLocker or Ransomware attack is to make sure that you actually have the correct security enabled in the different areas of your G Suite account. That means things like switching on two-factor authentication, locking down the admin panel and being careful about which emails are allowed to be sent to your domain. Making sure your DNS settings are correct, like SPF, DKIM, and DMARC can also be additional layers of protection to make sure the emails being received by your business are legitimate and that your email isn't being used for spamming or for spreading any of these viruses as well.
Google has great spam filtering tools built-in, but some things can still make their way through, so it's always a better idea to use the Google web interface than actually using outlook on your local machine because that's another way that viruses can find their way into your local computers. If you're using Chrome OS, so a Chromebook or a Chromebox, well, they aren't susceptible to ransomware or any of these kinds of viruses at all, so that will completely eliminate the risk of you being attacked by ransomware or anything else that may lockdown and hold your files ransom.
Our support membership also includes an audit of all of your IT systems so we can make sure that you are not at risk of having your files disappeared or having to go through a hundred thousand files and restore them one by one. If right now you're in the position where your files have already been locked down well, our team can help with steps to make sure that it doesn't happen again and guide you through the process of restoring those files in the best possible way to make sure that they don't become re-encrypted, because that is something that is at risk if right now you're stuck.
So if you're interested in us investigating your G Suite account, protecting things, or just doing a bit of a checkup to make sure that you're doing things correctly, well headlong to our website itgenius.com where you can request an IT audit or just drop a message to one of our team. Let us know what questions you have and we'll be very happy to get in touch and help out. Until next time. Cheers.
To learn more about our Cloud Support Service, or schedule an IT Systems Check, contact itGenius - the Google Workspace Experts
