How to remove the ransom virus
The trick to removing the ransom virus is to work out which form of ransomware was used in the attack. Once you have cleaned up the virus itself, you may have further work to do to put right any damage it has caused. With that in mind, here is a quick guide on how to remove the ransom virus.
The three forms of the ransom virus and how to remove them
Currently, there are three common forms of ransomware. These are scareware, lockware, and encryption ransomware.
Scareware is nothing more than malware that puts a frightening message on screen in an attempt to scare the victim into paying the cyberattacker. All you need to do to remove it is to install a reputable anti-malware program and have it scan your computer.
Lockware works along very similar lines to scareware. The key difference is that it genuinely does cause your computer to freeze. This is intended to intimidate the victim and make the frightening message more credible. In reality, however, you can bypass the lock by booting into safe mode. Once there, install a reputable anti-malware program and have it scan your computer. If the malware stops you from doing that, restore to a previous time point, then install the anti-malware program and run the scan.
Encryption ransomware is the form of ransomware which tends to make the media headlines. Unlike the other two forms of ransomware, it really does create a serious threat. It encrypts some or all of your data to try to force you to pay for the decryption key. Getting rid of encryption ransomware itself is usually very straightforward. Generally, you just need to install a reputable anti-malware program and have it scan your computer. The problem is that this will not reverse the encryption.
Protecting yourself against a ransomware attack
Although your main game plan should always be to try to stop ransomware from getting into your system in the first place, at this point you need to accept that this may be impossible. If you have a look at media articles on ransomware attacks, you’ll find that they range from attackers simply exploiting well-known flaws (WannaCry) to some massively sophisticated technical and social engineering.
Of course, the people with the sort of technical skills to carry out these sophisticated attacks are probably more likely to use them for big-money attacks on corporations (and government agencies) than on SMBs.
On the other hand, just as it’s dangerous to assume that you’re too big to be attacked, so it’s also dangerous to assume that you’re too small to be attacked. The truth is that at this point anyone and everyone can be a target for ransomware, so it is strongly recommended to make sure that your data is protected in the event of a breach.
First of all, you need to make sure that your sensitive data is stored encrypted. Ideally, encrypt anything you do not want a third party to read. As an absolute minimum, encrypt any and all personally identifiable data. This includes data you collect from your own employees.
The reason for this is that ransomware is increasingly becoming partnered with data theft. While you can, if you wish, take chances with your own confidential data, any personally identifiable data you hold is very likely to be protected by law. This means that, if you store it in the clear and then fall victim to ransomware, you could be the one facing the wrath of the law, not the cybercriminals.
Secondly, you need to make sure that you have a ransomware-proof data-backup plan. This essentially means having an off-site backup as well as a local one (for off-site, you can also read “in a second cloud”). This needs to be entirely separate from your production system and local backup. Ideally, it should also contain data backups from different time points, just in case the encryption runs for a while before you notice it. You can reduce the cost of this by putting the older backups into slower storage.
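The reason for keeping backups from different time points can be shown with a short added example (not part of the original article): it walks a series of backup snapshots, oldest first, and picks the newest one taken before files start turning into ciphertext. The in-memory snapshot layout, the function names, the 7.0 and 0.5 thresholds and all sample data are assumptions made for this illustration.

```python
import hashlib
import math
from collections import Counter

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty, 8.0 maximum)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def suspect_ratio(prev: dict, cur: dict, threshold: float = 7.0) -> float:
    """Share of files changed since `prev` that jumped to ciphertext-like entropy."""
    changed = [p for p in cur if p in prev and prev[p] != cur[p]]
    if not changed:
        return 0.0
    # Require a jump, so files already compressed or encrypted at rest do not count.
    jumped = [p for p in changed
              if entropy(prev[p]) < threshold <= entropy(cur[p])]
    return len(jumped) / len(changed)

def latest_clean(snapshots: list, max_ratio: float = 0.5) -> str:
    """Label of the newest snapshot taken before mass encryption shows up.
    `snapshots` is [(label, {path: content})], oldest first; the oldest one is
    assumed good. Both thresholds are assumptions to tune per data set."""
    clean = snapshots[0][0]
    for (_, prev), (label, cur) in zip(snapshots, snapshots[1:]):
        if suspect_ratio(prev, cur) > max_ratio:
            break
        clean = label
    return clean

def fake_ciphertext(seed: bytes, blocks: int = 128) -> bytes:
    """Constructed stand-in for encrypted content: 4 KiB of hash output."""
    return b"".join(hashlib.sha256(seed + bytes([i])).digest() for i in range(blocks))

# Constructed sample data: four backup time points of three small files.
DOC = b"Invoice 1001: 3 widgets at 4.50 each, net 30 days.\n" * 80
LOG = b"2024-01-01 backup job finished without errors\n" * 60
SNAPSHOTS = [
    ("day1", {"a.txt": DOC, "b.csv": DOC[::-1], "c.log": LOG}),
    ("day2", {"a.txt": DOC + b"paid\n", "b.csv": DOC[::-1], "c.log": LOG + LOG}),
    ("day3", {"a.txt": fake_ciphertext(b"a"), "b.csv": fake_ciphertext(b"b"), "c.log": LOG + LOG}),
    ("day4", {"a.txt": fake_ciphertext(b"a"), "b.csv": fake_ciphertext(b"b"), "c.log": fake_ciphertext(b"c")}),
]

if __name__ == "__main__":
    print("restore from:", latest_clean(SNAPSHOTS))
```

The check only compares files that keep the same path between snapshots, so a strain that renames files as it encrypts them would need an additional check on vanished and newly appeared paths.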
Preventing a ransomware attack
A lot of cybersecurity (and physical security) essentially revolves around the idea of making yourself more hassle than you’re worth to attack. In the case of individuals and SMBs, the obvious way to do this is to invest in a proper anti-malware program with an integrated firewall and backed by a specialist cybersecurity company (i.e. not the security apps bundled as standard with the main operating systems).
You also need to ensure that your operating systems and locally installed apps are updated promptly. Known security issues which are left unpatched are just asking for trouble.