Local IT firms say: Back up, upgrade

| The Journal Gazette

While local companies seem to have escaped the most recent widespread cyberattack, the WannaCry malware jolted some into upgrading their security.

“We’ve seen some clients use this as the push to upgrading,” said Austen Bartels, director of Fort Wayne IT Solutions, which offers full information technology services for small to medium companies.

The WannaCry attacks hit computers across the world this month, creating chaos for thousands of affected companies.

The malware, which National Public Radio reported affected more than 300,000 computers, is a form of ransomware. The software encrypts, or locks, a user’s computer files and creates a key. The users then receive notice they can access the key by paying a sum of money.

The United States has not been affected as much as Europe and Asia but has had similar attacks. The malware typically attacks corporations that have more to lose and money to spend, which is why Bartels said his customers haven’t encountered the WannaCry ransomware.

“It seems like nobody had ever heard of ransomware before,” Bartels said. “If you get hit by one of these attacks, you pretty much just lose those files. It’s completely devastating.”

He said files can be decrypted and recovered on rare occasions but that his company has been able to do it only once. Once someone gets hit, there’s little chance of seeing the files again.

Ben Klaehn, Partner at TechConnect, which offers computer sales, repairs and maintenance, said the same: it’s nearly impossible to get the files back. Having a good defense can be difficult as well.

“There’s no real sure-fire way to protect yourself from this,” he said.

His company hasn’t seen any cases of the recent malware, but in cases like this, the general public is safe, he said. The ones in danger are the bigger businesses.

Backups are paramount, Bartels said, though he cautioned those can be complicated depending on the size of the company. Recovery can be time-consuming and expensive, he said.

Some may be willing to pay the ransom, but that’s not a good idea, Bartels said. He’s seen several ­cases and has never seen someone pay and receive their files back. Klaehn said there’s no guarantee, and Bartels offered another reason to ignore the demands.

“If everyone pays the ransom,” he said, “it kind of promotes the ransomware itself.”

Tony Pearson, co-owner of A Plus Computers, said WannaCry is just like a stronger strain of the flu when it comes to ransomware. While his company also hasn’t seen any WannaCry cases, they have encountered others.

He also said there’s no way to fix the problem and that one of the best de­fenses is for users to watch what they click on and listen to their computer when a warning pops up.

“If you don’t know what it is, don’t click on it,” he said.

Pearson said he’s heard people talking about WannaCry now that it’s become an international issue. Bartels said that may be a good thing. He said some of his customers who weren’t interested in anything more than free anti-virus software are starting to realize how important security is.

“With this being in the news, it seems like people are actually getting it,” he said.

Not all antivirus programs will help, though. Aaron Landis, network engineer at Fort Wayne IT Solutions, said it’s important to use one that utilizes behavioral analysis. He said all ransomware acts pretty much the same, enticing a user to click on a link that allows the software to encrypt their files. This is why antivirus software with behavioral analysis is more likely to catch the ransomware before it’s too late.

However, Bartel said Fort Wayne IT Solutions has just acquired an IPS signature, which it can place within a firewall that will stop the WannaCry ransomware at an organizational level.

Fort Wayne may not have been heavily affected by this cyberattack, but all the experts can do is caution their customers. Klaehn said it just takes common-sense countermeasures to avoid being a victim, and he recommended keeping all software updated.

Over the years, after encountering other ransomware, Fort Wayne IT Solutions has put in place several measures to keep customers safe, Bartels said, which is why he thinks they may have been spared from attacks.

He said he knows how serious the attacks are, though. He encouraged people and businesses to call with any questions.

“If you know someone who gets hit by this,” he said. “You feel for them.”