What Should I Do If My Computer Gets Ransomware
If you’ve just had a message appear on your computer screen saying that your files have been encrypted (locked) and you need to pay a ransom to get them back, here’s what to do next:
- If yours is a work computer connected to a network of other computers, UNPLUG THE BLUE NETWORK CABLE OR POWER CORD IMMEDIATELY. This may stop the process of file encryption from going any further than it already has. With Ransomware attacks, any files and folders you have access to on the network, will be accessible to the attacking cyber criminals unless you stop their access quick enough by disconnecting from your network.
- Take a picture of the ransom notice on your screen with your smartphone or a camera. This can be used when filing a police report later, especially if you decide to make an insurance claim. This also helps authorities keep track of such attacks.
- Advise your IT support people on what has happened. They can then investigate to verify whether any files or folders on your Server (or in the cloud) have indeed been encrypted. If so, they will need to be restored from the latest data backup. They will need to confirm first, however, that your backup files have not also been encrypted.
- As for any files stored locally on your computer, be sure the blue network cable remains disconnected, and re-connect the power cord (if it was disconnected in step 1), turn it on, log-in and start to review your local files and folders to see what you have access to and what has been encrypted. If you have a backup of locally stored files, you can restore encrypted files from the last copy. If not, there are tools available that may be able to reverse the file encryption, but you would need to know which strain of encrypting ransomware you’re dealing with. Otherwise, consider those files lost, unless you decide to pay the ransom.
Note that paying ransoms is not recommended by law enforcement agencies since this only encourages the cyber criminals. They may even attack you again down the road, since they were successful the first time. Also remember that these are criminals; just because you pay the ransom doesn’t mean they will be honest and indeed unlock your files. They may ask for more payment before they do, or they may not un-lock them at all.
Most Ransomware attacks are a result of clicking on malicious email links or attachments, disguised as being legitimate. The best defence against this type of attack is regular testing and training to keep employees on their toes.
BSC Solutions Group offers a world-renowned, effective, IT Security Awareness Testing & Training Service that addresses these types of attacks. Call us today for more details.
August 18, 2017 3:48:25 PM