I had arrived home from visiting my family last Saturday around 10 p.m., and noticed a couple of email messages arriving from a CPA customer, just before I went to bed. I took a quick glance, immediately spotting the phrases “none of our programs work” and “all the file names on our server have changed.” Those phrases were all of the symptoms I needed. As I would confirm later, the customer had been struck by ransomware.
For the uninitiated, ransomware is a rather insidious form of malware that attempts to render all of your important files unreadable until you pay the perpetrator a ransom to restore them. This malware was first seen in Russia in 2011, and by 2013 it was well entrenched in the United States.