Ransomware is an epidemic that has been somewhat on the decline lately, but it’s certainly still a huge threat to both individuals and businesses. Just look at the city of Baltimore, Maryland for one of the most recent illustrations on how devastating a ransomware attack can be.
Just recently, the city’s network was struck by a ransomware attack and it ended up costing over $19 million in damages — a number that continues to grow as they sort through the mess. Ransomware is no joke, and it’s important that, if ransomware strikes your company’s network, that you take a methodical approach, analyzing all of your options before you choose to act.
The basics of ransomware
If you are still blissfully unaware of what ransomware is, then count yourself lucky – you likely haven’t encountered it yet. Ransomware is when a hacker is able to get you to download malware to your computer, which causes havoc in a few different ways.
- Screen-lock ransomware, for instance, blocks you from accessing your operating system all together. It gives you a screen that you can’t advance past. In some cases, it will try to intimidate users by claiming the screen lock was put there by law enforcement after detecting illegal activity on your computer. The hackers demand a ransom payment — usually made in Bitcoin or other cryptocurrency keep it untraceable — to restore your access.
- Encryption ransomware is more sophisticated and a lot more destructive. This ransomware is able to encrypt all the data on your computer and will only lift that encryption when you issue the ransom payment.
- Some “ransomware” isn’t even ransomware at all, but it is designed to look, and act, like it. Scareware is a good example. Hackers that use these measures bank on the user becoming flustered or panicked, so they simply issue the ransom payment when the problem could be solved simply by rebooting or other simple measures. Believe it or not, these are often just as effective as real ransomware.
You can invite ransomware on to you computer the same way as most malware — phishing schemes, corrupt attachments and more.
Has ransomware hijacked your computer? Keep a level head and follow some of these steps
The goal for hackers is to get you to panic and send your ransom payment. It’s important to take your time, assess your options and avoid paying at all costs. Here are a few routes you can take to navigate past ransomware:
- Play detective to find out what sort of ransomware has struck your computer. There are online tools that allow you to upload an encrypted file to determine which type it is. In other cases, the name of the ransomware is displayed prominently. Once you know what type, do a thorough investigation to see if there are documented repair methods.
- Research the various decryption tools that are available online. You might be able to find one that allows you to decrypt the data on your computer without issuing the payment.
- Make sure that any of the infected computers on your network are disconnected from the others. You want to make sure that the problem remains contained.
- If you backup your data — and you should — see if you can restore the data to a different, unaffected computer.
- If you decide to dialogue with the party responsible for the ransomware, do not provide any personal information for them. This can only be used to make the matter worse.
- Some attacks will compromise data that you don’t even need anymore. If you’re one of the fortunate few that are able to simply cut and run, then you can reinstall your operating system.
Of course, the best way to deal with ransomware is to avoid it to begin with, which comes with a comprehensive cybersecurity strategy and savvy users that avoid welcoming this destructive malware onto their machines.