How to protect your PC from ransomware
PC ransomware has become one of the most common forms of malware in use today. The good news is that it’s easy to protect yourself from it with a bit of preparation. With that in mind, here’s a quick guide on how to protect your PC from ransomware.
There are currently three kinds of ransomware in common use. These are scareware, lockware, and encryption ransomware. Scareware is the most basic form of ransomware. It simply displays a frightening message on screen to try to intimidate the victim into paying the attacker.
This then developed into lockware. Lockware takes its name from the fact that it appears to put a lock on your PC to stop you from using it. This lock is, however, very easy to bypass with just a little IT knowledge. As with scareware, the main power of lockware is in the message.
Encryption ransomware takes its name from the fact that it encrypts some or all of your files and then demands money for the key to decrypt them. It has been increasingly linked with data theft, especially if companies refuse to pay the ransom. Even if they do, there’s nothing to stop the cyberattackers from selling the data anyway. In fact, there is nothing to guarantee that they will hand over the decryption key.
Removing PC ransomware
Scareware and encryption ransomware can generally both be removed just by installing a reputable anti-malware program and having it scan the PC. Lockware, however, needs a little more work.
As your first step, boot up into safe mode with networking and see if you can install a reputable anti-malware program. If so, you can just have it scan your PC and remove the infection. If, however, the ransomware will not let you do that then you need to boot up into safe mode with command prompt and restore to a point before the infection. Then install a reputable anti-malware program and have it scan your PC, just in case.
Protecting yourself against encryption ransomware
The reason why businesses loath encryption ransomware is because cleaning up the infection does not reverse the decryption. It does, however, stop the process from going any further and hence should be seen as a priority.
Once you have put a stop to the infection, hopefully, your next step is to restore from a healthy backup. If you don't have a healthy backup then your options range from bad to worse.
You can try finding a public decryption key. To do this, you first need to find a ransomware identifier and have it analyze the ransom note and sample files that were sent with it. You can then check online to see if there is a publicly-available decryption key. Be very careful about this because, rather ironically, there is now malware pretending to be a ransomware-decryption tool.
If you do find a legitimate ransomware-decryption tool, you then need to hope that it works. This is far from guaranteed because ransomware is regularly updated to keep it ahead of security tools. If you cannot find a public decryption key, then your options are to pay the ransom (this is never advised but a lot of people do it all the same) or accept the loss of your files and possibly the theft and/or exposure of your data.
To make matters even worse, if the ransomware attack harvests personally identifiable data, then you may find yourself being sanctioned by data protection regulators. You are also going to have to deal with the people whose data has been stolen.
The good news is that there are two steps you can take to protect your data, even if you fall victim to ransomware. The first is to encrypt all sensitive data (or, at the very least, all personally identifiable data). The second is to ensure that your data backup strategy is ransomware-proof. In simple terms, this means that you need to have two data backups, one local and one off-site. Ideally, your off-site data storage location should hold data backups from different time points in case there is a delay in picking up on the attack.
Preventing ransomware attacks
It’s important to be realistic about the fact that ransomware can break through even the most robust defenses. It is, however, also important to try your best to stop as many attacks as you possibly can. This means that you need to invest in a reputable anti-malware product with an integrated firewall, backed by a reputable security company.
It also means that you are very much recommended to stick with operating systems and applications which are still supported by their developer and to ensure that all updates are promptly applied.
Please click here now to start your free 30-day trial of Comodo AEP.