How to identify and treat ransomware
Ransomware comes in a variety of forms, but it’s usually quite easy to identify what you have and to deal with it. You do need to keep in mind that dealing with the ransomware itself will not necessarily undo any damage it has caused so you need to be prepared to minimize this.
Identifying ransomware in general
It’s easy to identify ransomware in general because it will put some kind of message on your screen demanding money and giving you instructions on how to make a direct payment.
Step one is to see if you can install a reputable anti-malware program and have it scan your computer. If you can, the infection was either scareware or encryption ransomware. In either case, it will be treated, but, if it was encryption ransomware then your files will still be encrypted.
If you can’t then it is lockware. You bypass the lock by booting into safe mode. See if you can install an anti-malware program but if you can’t restore to a point before the infection. This should get rid of the infection, but to be on the safe side, go ahead and install a reputable anti-malware program and have it scan your computer.
Choosing a robust anti-malware program
It is very risky to rely on the default security apps which come bundled with the main operating systems. Instead, look for anti-malware solutions from actual, specialist cybersecurity companies. You can get consumer-grade options for free and business-grade options for very little cost.
For both individuals and businesses, the best option is generally a cloud-based, all-in-one solution (which must include a firewall). Using a cloud-based solution ensures that it will always be kept up-to-date because the update process is handled entirely by the vendor.
This is more than just a convenience (although it’s certainly that), it means that updates are applied more quickly (as they just need to be deployed on the server) and eliminates the possibility for error when updates are installed locally. As a bonus, cloud-based solutions also push most of the resource-load onto the servers rather than the local device.
Using an all-in-one solution gives you everything you need, ready to go out of the box. Again, this is more than just a convenience (and a cost-effective option). It means all the various security functions work together automatically, i.e. without you having to work out how to configure them so that they all recognize each other.
Please note that anti-malware programs are intended to supplement standard IT security measures not to replace them. In particular, you need to make sure that you only use operating systems and applications which are still actively supported by their developers and apply all updates promptly. If you struggle to get this done then have an IT managed services provider take care of it for you.
Keeping your data secure
Identifying and treating ransomware is all very well. Preventing it from getting into your system in the first place is even better. Realistically, however, there is always going to be the potential for ransomware to get into your system. This means that you not only need to know how to treat the infection itself but also how to prevent it from harming your data.
Your first priority is to prevent data theft. This is becoming an increasingly common result of ransomware attacks and the only guaranteed way to stop it is to make sure that your data is kept encrypted. You don’t have to encrypt all your data, but you should encrypt all personally identifiable data you hold. This includes any personally identifiable data you collect from your own employees. It’s also wise to encrypt any additional data you’d prefer to keep private.
Your second priority is to ensure that you maximize your chances of keeping your access to your data. The way to achieve this is to make sure that you have at least one off-site data backup. Ideally, you’ll have data backups from different time points. This will help to defeat ransomware which lies dormant for a while and/or works slowly.
Once you have a data backup strategy you think ought to work, make sure that you test it to confirm that it does work. In fact, commit to testing it periodically so that you pick up on any changes which could have impacted it. If you do have to restore from a data backup, remember to scan the data for malware, just in case you have inadvertently backed up the source of the infection along with your data.
Please click here now to start your free 30-day trial of Comodo AEP.