Ransomware is a type of malicious software used by cybercriminals to encrypt your computer or computer files for ransom, demanding payment from you to restore them back.
Ransomware can not only encrypt your files; it can spread to other devices on your network and encrypt files located on both those network drives. This can lead to serious consequences especially for organizations whereby one infected user can bring a whole department or the entire organization to a grinding halt.
Nowadays, ransomware is quickly becoming an increasingly popular way for cybercriminals to extort money from large organizations and consumers (individual users) alike.
The Most Common Ways By Which Ransomware Spreads Includes:
Spam email messages that trick users into downloading a malicious file attachment. Exploit kits that silently download the ransomware onto the victim's computer while they browse a seemingly benign website.
If your computer gets infected by the ransomware, follow the below-mentioned guidelines to remove it safely.
In case of ransomware infection, the first thing that you need to do is to reboot your system in Safe Mode.
To enter 'Safe Mode,' hold the Shift button, and click Restart.
After that, you'll see that you have three options. From those options, click on the 'Troubleshoot' option.
Then, click Advanced Options-->Startup Settings-->Restart.
Once your computer boots, a list of options gets displayed on your screen. Press F4 to enter the Safe mode.
Safe Mode starts your system with a limited set of files and drivers. It is the diagnostic mode of a computer operating system (OS).
Install Antivirus Software (For Individual users)
Once you enter Safe Mode, you need to install good antivirus software such as the Comodo Free Antivirus. The goal is to find and remove ransomware.
Scan Your Computer
Use the antivirus software to perform a passive scan of your system. This will identify and remove the ransomware from your system. The antivirus may prompt you to reboot your computer after the successful removal of ransomware.
Select the Custom Scan
Configure the antivirus program to scan all of drive C and all of the other drives if you suspect the ransomware resides there as well. This scan will take some time.
Restore the Computer To a Previous State
After completing all the steps mentioned above, make sure to restore your system to a previous state (which is free of ransomware).
- Go to 'System Settings' from the Control Panel and click on the 'System Protection' option.
- You will be able to see Backup and Restore option.
- You should also be able to see an automatic restore point (where your computer was free of infection).
- Select the ‘Backup and Restore’ option to restore files from a backup.
- Then, click Restore and Finish.
How To Prevent Future Ransomware Attacks
Make a back up of your files and documents in cloud storage or on an offline system. This can save your data even if your computer gets infected with ransomware malware. Install good antivirus software such as Comodo Antivirus to block ransomware.
If you are an enterprise user, it is advisable to use Comodo Advanced Endpoint Protection (AEP). Comodo AEP provides real-time protection for your endpoints.
It isolates ransomware programs from your organization ’s network and contains them in an isolated or restricted system environment.
Key benefits of using Comodo Advance Endpoint Protection
- Comes with auto-sandboxing technology that denies access to unknown files
- One centralized management console
- Manages Endpoint Security Manager configurations
- Automatically uninstalls legacy/existing antivirus products
- Manages services, processes, and applications
- Offers a unique panoramic view of the endpoint estate with critical endpoint metrics
- Manages CPU, RAM and hard disk usage
- Manages endpoint power consumption
- Set-and-forget policies ensure that endpoint configurations are automatically re-applied if they cease being compliant
- Manages USB devices