What Should I Do If My Computer Gets Ransomware

If you’ve just had a message appear on your computer screen saying that your files have been encrypted (locked) and you need to pay a ransom to get them back, here’s what to do next:

  1. If yours is a work computer connected to a network of other computers, UNPLUG THE BLUE NETWORK CABLE OR POWER CORD IMMEDIATELY. This may stop the process of file encryption from going any further than it already has.  With Ransomware attacks, any files and folders you have access to on the network, will be accessible to the attacking cyber criminals unless you stop their access quick enough by disconnecting from your network.

  2. Take a picture of the ransom notice on your screen with your smartphone or a camera. This can be used when filing a police report later, especially if you decide to make an insurance claim.  This also helps authorities keep track of such attacks. 

  3. Advise your IT support people on what has happened. They can then investigate to verify whether any files or folders on your Server (or in the cloud) have indeed been encrypted.  If so, they will need to be restored from the latest data backup. They will need to confirm first, however, that your backup files have not also been encrypted.  
  4. As for any files stored locally on your computer, be sure the blue network cable remains disconnected, and re-connect the power cord (if it was disconnected in step 1), turn it on, log-in and start to review your local files and folders to see what you have access to and what has been encrypted. If you have a backup of locally stored files, you can restore encrypted files from the last copy.  If not, there are tools available that may be able to reverse the file encryption, but you would need to know which strain of encrypting ransomware you’re dealing with.  Otherwise, consider those files lost, unless you decide to pay the ransom.    

Note that paying ransoms is not recommended by law enforcement agencies since this only encourages the cyber criminals.  They may even attack you again down the road, since they were successful the first time.  Also remember that these are criminals; just because you pay the ransom doesn’t mean they will be honest and indeed unlock your files.  They may ask for more payment before they do, or they may not un-lock them at all.

Most Ransomware attacks are a result of clicking on malicious email links or attachments, disguised as being legitimate.   The best defence against this type of attack is regular testing and training to keep employees on their toes. 

BSC Solutions Group offers a world-renowned, effective, IT Security Awareness Testing & Training Service that addresses these types of attacks.  Call us today for more details. 



August 18, 2017 3:48:25 PM

Bill Boisvenue

Leave a Reply

Your email address will not be published. Required fields are marked *



Getting your computer network, phones and software applications to work shouldn’t be a monumental project;
yet we constantly hear from frustrated organizations like yours who call us when they’ve finally
had enough of the poor services and excuses from their current IT support firm.

Our offer of a FREE Service ticket is a no-risk way of introducing our services.
Let us diagnose and work on the computer problem of your choice and
find out what over 25 years of service excellence feels like.

Accepting this free offer in no way obligates you to do any further business with us but of course we hope you will!

1. Because our resources are not unlimited, the free service ticket will cover a maximum of 2 hours of remote support for 1 service issue.
2. Since customers who are the best fit for our services have a minimum of 10 computers, this free offer only applies to organizations of this size.
3. This offer applies only to organizations who are not already a customer of BSC Solutions Group.

Please fill out this form and a BSC Solutions Group “IT Guardian Angel”
will contact you within 24 hours.