I Have ransomware on my Computer: What Should I do?September 25, 2020 | By Comodo
Are you suspecting a ransomware malware on your computer or you already got a notification that your files are encrypted and need to get a decryption key? It may be hard to detect if the malware on your computer is actually a ransomware malware when your data isn’t encrypted.
However, specific cybersecurity tools can reveal the properties of malware, which tells what the malware is capable of doing. Whatever the case, if you are sure that a ransomware malware is on your computer, you should quickly:
- Scan your PC to get rid of the malware
- Disconnect your internet connectivity
- Seek help to rid the malware off your computer
- Do not panic
Other than that, if you have ransomware on your computer–that is you can see a notification on your computer screen requesting a ransom after you’re denied access to your important files, this article will explain how you can handle such situations. But first, let’s take a refresher course on what ransomware is and how it spreads. This should equip you with more knowledge about the ransomware malware.
What is Ransomware?
Perhaps you already know how ransomware works, a little refresher can go a long way for those with little knowledge. As you probably know, ransomware is a type of malware that locks a computer user out and demands a ransom. This malware takes the same approach as other malware to infect a computer but, it’s primary aim is to get money from victims forcefully.
The ransomware creators embed the malicious codes on a presume safe file and send to their targets via email, as software, social media content, website pop-ups, etc. The method used is phishing–they trick you into opening an attachment with the malicious link, which sends the malware to your computer.
Once this malware finds its way to your computer, it scans your PC and discovers the most vital files. The next action is to make them unreadable on your end and eventually locks you out. You can only see a message on your computer screen asking you to pay a ransom to get your data back or risk losing them entirely.
This is what ransomware attack entails, and the experience is far from being pleasant. Victims do lose vast amounts to the scammers coupled with disruptions of activities. For instance, in 2019, the Baltimore City government was hit by ransomware, and the attack lasted for one month. Throughout the attack period, activities were halted, and they eventually spent $18 million before normalcy was restored.
What to Do When Attacked by Ransomware
Don’t Be Quick to Pay the Ransom
Though the attackers may threaten to destroy your data if you fail to comply, you should take some time before you act. During this time, you want to check if you can access the ceased data through other means. Perhaps you had them backed up; you can restart your computer and recover your data from the backup servers.
Perhaps that’s what you just did and eventually found this web page. You want to make more enquiries and possibly from those that have been victims. While you may not find someone around you, you can exploit online forums like Reddit, groups on Facebook, and other technology forums.
Do You Have Your Data Backed Up?
If you’re sure that your data are correctly backed up, and you can recover them, there’s no need to pay the ransom. The attack may not affect your backed up copy. So go ahead and verify that you can retrieve your data before you format your computer and clean up the mess.
Pay the Ransom
If every other thing fails—that is if your data is not backed up and you do lose essential data if you don’t pay the ransom, you want to play along with the criminals. Yes, you should pay the ransom to spare your data unless they aren’t essential to you. This is not to encourage payment of ransomware attacks, but your data may be the life wire of your business, and you have to protect them.
How to Prevent Ransomware
The best way to handle ransomware attacks is not to avoid paying the ransom because you have your files backup or paying to regain access to your files. Instead, you want to prevent ransomware entirely. Even though you do recover your data on your back up servers, the time taken to perform that may disrupt your business operations. Of course, you know the implications of halting your business operations.
So, preventing ransomware is the best way to go and here is how:
- Avoid opening suspicious attachments from emails.
- Set strong passwords
- Keep all your applications updated, including your operating system
- Use antiviruses/anti-malware programs
- Use advanced security systems to detect and block sophisticated malware like ransomware.
- Back up your data—you do recover your data in case of any sudden attack.
Want to learn more about using advanced security systems to keep your computer safe? Go here to learn more about Comodo’s Advanced Endpoint Protection.