Ransomware is one of the most unpleasant virus or malware infections, and with no known cure, it poses one of the most serious threats to company and personal data across the globe. In recent weeks there has been a sharp spike in the number of reported infections, so what can you do to protect your valuable data?[vc_separator style=”separator1″]
What is Ransomware?
Essentially, ransomware encrypts documents and images on a computer. Worse still, if the computer is attached to a corporate network, it will infect everything it can see, and will only notify the user once it has finished encrypting all of the data it can find. Usually a pop up window will appear informing the user that all of their data has been encrypted and the only way to decrypt or release the data is to pay a fee to the crooks who created the infection. The amount of ransom demanded seems to vary from a few hundred dollars to several thousand.
How does it infect my PC?
As with virtually all Viruses and Malware infections, Ransomware is usually delivered in an email attachment. There has been a recent trend in emails that claim to be invoices, or confirmations of an order. The emails are worded quite well, and are clearly very plausible, as the number of infections reported in the past few weeks have rocketed
So how do you remove it?
There are many types of infection, but the way Ransomware infects computer networks does not vary much. If you are lucky, you may try to open an infected file quite soon after your computer has been infected. We say lucky, because if you can catch the infection early you may be able to prevent all of your valuable data from being encrypted. Remember that if you are on a network, the Ransomware will infect all of the data it can access, which can take time – days in some cases. Only once it has finished delivering its payload of poison, will it notify its victims.
If you are on a network, the first thing to do is to unplug the network lead from the back of your computer. If the infection started from your computer, disconnecting it from the network will stop the infection from spreading. Then shut down your system and seek professional help. If you are on a corporate network, hopefully you will not have any data saved locally! If you have, then there is a good chance most or all of your data will be encrypted. The bad news is that there is no way to decrypt your precious data without paying a ransom to the crooks. The good news is that if you have a recent backup of your data, then you should be able to restore it without too much difficulty. Obviously you have to make sure that you have found and cleared the infection before you restore your data, otherwise you may find that your data is encrypted again. If you are on a network, then your administrator should be notified immediately so they can take appropriate action to protect and cleanse the network.
Should I pay the fine?
We would always say NO, as dealing with crooks is not a good idea. However, we are aware that some people are so desperate that they have paid to release their files.
How can you protect your system from this type of infection?
Let’s be very clear, there is no way to 100% guarantee your system will never be infected by viruses or malware. There are new types of infections being created every day, and the leading Anti-Virus and Anti-Malware companies are in a permanent state of “Catch Up” Unfortunately, until a virus is created there is no way to find a cure. Below are the main points of trying to keep your data safe:
1. Backup your data – Backup your data – Backup your data. Make sure that your backups are working. Don’t just check to see if it backed up last night, actually try a test restore to make sure that the backup is effective. ALWAYS keep a copy off-site at another location. Or better still, use a remote backup service. N.B. If you do get infected, make sure that you disable the backups whilst you are cleaning your system, otherwise you will back up the infected files
2. Anti-Virus/Malware protection – Purchase a decent brand, and make sure it is up to date.
3. Be very careful with ALL email attachments –If you have even the slightest doubt, do not open the attachment. Look at it this way, what’s the worst that can happen if you don’t open a genuine email? You might receive a reminder for an unpaid bill but compared to losing all of your data this is insignificant. Never open any attachment unless you are 100% certain of its authenticity.
4. Make sure you do point 1!
The above points are only basic precautions, naturally, there are many other ways to try and protect your data. If you are in any doubt seek advice from IT professionals. For any enquiries email us at [email protected] or call us on 01279 464470.