Currently, I estimate that every month we have at least one point of sale client having issues regarding Ransomware and unfortunately many of our customers are falling victim to Ransomware attacks. We have had three (3) such attacks this week.
Our support manager Phil has put together step by step notes for you.
What it does
This form of attack encrypts all of your data and prevents you from using your computer unless you pay a fee. If this happens to be your server then this means your shop will not be able to trade.
What to do
Your only other option is to reformat your server and restore from a backup.
However, in many cases, we are finding that despite our best efforts there are no backups available as they too have been encrypted.
What can you do about it?
Your choice of Operating System
Firstly you should think about the version of Windows you use in your store. Windows 10 has a lot of features built in that make it much harder for Ransomware to take hold of your system.
If you are not running Windows 10 in your store, especially on your server and the computers you use to connect to the internet, then you should consider upgrading these as soon as possible.
While not as good, if you must or insist on running Windows 7, you should at least ensure that all Windows Updates have been installed. Windows Update includes many security patches, some of which may stop Ransomware from taking hold of your system.
In Windows 7, Click the Start button and in the run (or search box) type “windows update” and then press enter.
Click on the Check for updates and install updates button.
Windows Update may want you to restart your computer at some point and you should do so.
Remember that if this is your server then your shop will not be able to trade while your server is restarting.
When you have restarted, repeat the above process until there are no more updates to install.
If you are running Windows XP, then you are leaving yourself wide open to attacks from Ransomware. Microsoft stopped supporting Windows XP in April 2014, so for five years there has not been any security updates for this operating system. There is little you can do apart from replacing the computer with one that has Windows 10 as its operating system.
Make sure you have a backup
Ransomware attacks are happening, and as much as you may try to prevent them, it may happen to you. If it does, you either have to pay up and encourage these criminals to continue their actions or have someone reformat and reinstall your computer system.
Reformatting and in reinstalling the operating system is the easy part. What nobody can replace is the data. Your customers, stock, sales history etc.
To protect yourself and ensure you will be able to replace this, you should be taking a regular backup copy of your data and remove it from your network so that Ransomware cannot access it.
I will deal with Posbrowser, but you should also find out how to do the same with your other important data such as your accounting and payroll data and any documents you may store on your local hard drive.
Posbrowser uses SQL server. One of the features of SQL server is that you can take online backups.
This means that you can take a backup without having to bring the system offline and stop trading.
So find a time during the day, a regular time.
Also, find a USB stick. Now go to your server and plug in the USB stick.
Open Posbrowser and from the main menu select System Maintenance / Backup and Restore.
In the “Backup to a location” section click the three dots and navigate to the USB drive you just plugged in and click OK.
Note that if the three dots are greyed out, you are NOT on your server!
Then click the Backup button and the backup will start.
Wait until you see a message telling you the Backup was complete.
If you see any other message, you should contact POS Solutions Support for advice.
When it finishes,
DO NOT JUST TAKE OUT THE USB STICK – REMEMBER TO EJECT IT SAFELY.
This is the only way you can ensure that the backup has been written to the USB stick correctly.
If you want to be double sure, after you have removed the USB stick, you can insert it again and restore the backup to your training system via the “Restore to Training” tab in the Backup and Restore document.
When you have removed the USB drive, place it in a safe place, and DO NOT put it into a computer again until you are ready to do another backup of your system. Don’t let Ransomware have a chance to get access to it.
Even if this backup is a couple of days old, because you are not in on the weekend, it is a lot better than having nothing at all.
You should take the time and make an effort to protect the most valuable part of your business – your data.