What you need to know to fix cyber ransomware
Cyber ransomware has become one of the most prevalent online threats currently in existence. It’s usually easy enough to fix the infection. The problem is that you will still be left with encrypted data. This means that you need to focus on prevention and protection rather than just knowing how to fix the infection.
Fixing a cyber ransomware infection
Although there are different kinds of ransomware (and often different versions of the same kind of ransomware), the basic treatment process is the same. First of all, try installing a reputable anti-malware program and having it scan your computer. If this solves the whole problem, you had scareware. This is nothing more than a social-engineering trick. If it removes the infection but still leaves you with encrypted files, then you had encryption ransomware and have further work to do.
If you cannot install an anti-malware program then you probably have lockware. Try booting up into safe mode (with networking in Windows) and see if this makes it possible to install an anti-malware program. If not, then boot into safe mode again (with command prompt in Windows) and restore to a previous time point. Then install an anti-malware program and have it scan your computer just to make sure that there’s nothing else lurking around.
Keeping your data safe from ransomware attacks
One of the reasons why ransomware attacks have become such a concern is because they are increasingly being partnered with data theft. This is bad enough if this is simply data that the company would have preferred to have kept confidential (for example intellectual property). It can be devastating if it is personally identifiable data as this is usually under some form of legal/regulatory protection. This means that falling victim to a ransomware attack can put you on the wrong side of the law (while the attackers walk away).
The way to solve this problem is to make sure you encrypt anything you want to keep safe from prying eyes if your system is attacked. Sadly, encrypting data won’t stop encryption ransomware, it will just encrypt the data again. It will, however, stop the cyberattackers from reading, selling, and/or exposing your data.
Maintaining access to your data in the event of a ransomware attack
If you have a ransomware-proof data backup, then you have a straightforward, if tedious, solution to a ransomware attack. The key to making a database ransomware-proof is to make sure that it is completely separate from your main systems. That means both physically and logically separate so that it is entirely self-contained). In other words, you need an off-site data backup as well as a local one. Ideally, you should keep data backups from various time points in case you have to deal with slow-acting ransomware gradually infiltrating your data.
If you do not have a copy of your data, then your options range from bad to worse. Your best-case scenario is that your luck is in and that you find a ransomware decryption tool that works for the ransomware which attacked you. If you don’t then you either pay the ransom and hope that the cyberattackers return your data (which is not guaranteed and is never advisable) or accept its loss.
Preventing cyber ransomware attacks
Although there is now some highly-sophisticated ransomware, a lot of it can be effectively thwarted just by basic IT hygiene. In particular, it is vital to stick with operating systems and applications which are still being maintained by their developers. It is also vital to make sure that all security updates are applied promptly.
In simple terms, a known vulnerability is an open door to cyberattackers, so you need to close it as quickly as possible. If you know that applying updates promptly is a weak point in your organization, then you need to get a managed IT services vendor to deal with it for you.
Supplementing this with a robust anti-malware solution will go a long way towards defeating more aggressive forms of ransomware. For most companies (and individuals), the most sensible approach is generally to go for a cloud-based, all-in-one product from a reputable cybersecurity company. This is basically a “set-and-forget” solution because the vendor takes care of all the updates (which will be frequent).
Last but not least, it’s important to educate users on safe surfing and emailing and to make them aware of social-engineering tricks, especially ones which are used on the phone. Phones are a particular weak-point for security as there is a limit to how much automatic protection you can apply to phone calls. Video-calls are even more vulnerable to abuse as they give cyberattackers extra, visual clues.
Please click here now to start your free 30-day trial of Comodo AEP.