While attending the summer NAELA (National Academy of Elder Law Attorneys) conference, I had the opportunity to attend a break-out session on technology. Our speaker bemoaned the curse of ransomware, but was cautious to offer suggestions on how to prepare for or avoid it.
And, that got me thinking – what could I (a small business owner with a limited IT budget) do to protect my computers, and the computers at my office?
During my 40+ years of computer experience, I have experienced 4 up close and personal events that led me to a somewhat satisfying, but not bullet-proof, solution to the ransomware threat.
Bad Day #1 – Disgruntled Employee Intentionally Deletes ALL the Data. Yes, ALL of It!
While in law school, I would frequently stop by my father’s office and see if I could get invited to lunch. On one particular Wednesday, I joined my father and his good friend and client at the Green Onion. During the conversation, the client described how he received the Disgruntled Employee’s resignation letter on the previous Saturday morning. Then when he got to the office on Monday morning, he discovered that the Disgruntled Employee had intentionally deleted over 3 years of transactions from their accounting program. No customers. No invoices. No vendors. No bills. No payroll. No checks. No deposits. No nothing. Gone. It was ALL gone.
He rightly expressed his grave concern that he did not know what he was going to do. He had no idea what customers owed him money or what vendors he owed.
Since I was familiar with his computer system, I asked what I thought was an obvious question: “What about your backup tapes?”
The next thing I knew, he was calling his office and telling them to immediately pull their backup tapes and see if they could recover anything. Since they used an incremental system, they had already written over Monday and Tuesday’s backups. Wednesday’s set was bad, and so was Thursday’s set. With one left, they tried Friday – and the recovery was successful. They were able to recover everything but the last month’s worth of data. Fortunately, they still had a month’s worth of hard copies so they were able to recreate the missing information. (The ex-Disgruntled Employee deleted ALL the transactions in an effort to hide his six-figure embezzlement scheme. But, that’s another story.)
Morrel of the Story: Regularly pull a full backup of your files for permanent off-site storage.
Bad Day #2 – Happy Birthday to Michelangelo! My First Computer Virus.
In the early 1990’s, several of our DOS computers became infected with a dormant copy of the Michelangelo computer virus. Then, on March 6th, the birthday of the world-renowned artist, the infected computers became inoperable. Luckily, we quickly diagnosed the problem and were able to download the necessary anti-virus software. Even though we did not lose any data, we lost a day of billable time as we had to go through and decontaminate every 3.5 inch floppy disk in the office. Yuk!
Morrel of the Story: Computer viruses are patient and can wait a long time before they bite. The backup you just made may already be infected.
Bad Day #3 – The Day the Server Died!
Christmas in Argentina is amazing! The day I left Oklahoma, the high temperature was 14F degrees. When I arrived in Buenos Aires, it was a balmy 90F degrees – perfect weather for an Okie. Even then, it still took me 3 days to thaw out. I still laugh about seeing all the Nativity scenes in the fireplaces. My Norte Americano reaction was, “Stop! Don’t burn baby Jesus!” Then I quickly realized that nobody was using their fireplaces in the summertime.
Then, I got the long distance telephone call from the office. The server died!
“No problem!”, I replied. I had plenty of backup tapes in the safe at my house.
Did I mention that my safe had an electronic keypad? Did I mention that the electronic keypad demagnetized ALL the backup tapes?
Yeah, this story does not have a happy ending. We lost everything.
Morrel of the Story: Two is one. One is none. Make more than one backup and use different media and software.
Bad Day #4: – Ransomware Comes to Tulsa!
Major weirdness. For whatever reason we could not access any of the files on the server. Everything seemed to be in the right place – the file names were just scrambled. When we tested what should have been word-processing files, no joy. When we tested what should have been spreadsheet files, no joy. Then we realized that the files were encrypted. Ransomware!
Our impromptu CSI team quickly determined the cause of the infection – an employee opened an email attachment with attitude (the payload was a Microsoft Word file which contained the encryption program) – and the approximate time of infection (all of a sudden, the file server got really busy when it started encrypting the files).
At the time, our backup strategy included incremental backups every hour. So, we selected a backup before the infection, and restored a sterile version of our files. Happily, we only lost a day or two of files of which hard copies abounded. But again, we lost a day of productivity while we waited for the server to rebuild.
Morrel of the Story: Ransomware is Nasty! Be Careful Opening those Emails!
A Country Lawyer’s “Git ‘Er Done” Solution to Ransomware
So, with all of those real-life examples bouncing around in my head, I started pondering – and momentarily tuned out our guest speaker.
So, what can a person or small business do?
Then, it came to me. The solution is EASY! Go buy a USB 3.0, name-brand, high-capacity, portable, external, hard disk from Best Buy, Office Depot, Staples or Amazon like this 4TB Western Digital model. Then backup every single computer in your home or office. If you run out of space, then go get another one. Put a label on the drive with the name of the month. Then take that hard disk off-site for safe keeping. Next month do the same thing. If you do it for a full year, you should have 12 copies of everything. In theory, the most you could lose is a month’s worth of data.
All for less than $5.00 a day.
If your computers become infected with ransomware, the cost-benefit question is not so painful. Is 5-days, 10-days, or at most 30-days worth of data loss worth the ransom? How much would it cost to recreate the missing stuff? Not much? Then, go tell the kidnappers to go suck eggs!
If you are still concerned, then implement this technique twice a month or even weekly – whatever your budget can afford.
Is the solution perfect? No. But it is certainly better than nothing and a step in the right direction.
Just git ‘er done!
P.S. Many of the hard disk manufacturers include their own backup software. It may behoove you to invest in something else. Acronis has a personal software solution and a business software solution. Give them a go, and see if they work for you.
P.S.S. If you just discovered a ransomware outbreak, immediately disconnect your computers and laptops from any internet access (Ethernet or Wi-Fi) before you turn them on, and disable any cloud-based storage systems (i.e. Dropbox, OneDrive, etc.) that you are using. You certainly don’t want the infection to spread.
P.S.S.S. Be sure and let me know if you like this idea, or if it works for you. If you really like this idea, then you are more than welcome to send me a Starbucks eGift Card in any denomination of your choice. If you don’t like the idea, then don’t bother. I will probably delete your comment any way.
Please contact Morrel Law PLLC for more information.