It’s Monday morning, and your project is due the next day. You switch on your computer to find a message that your system is encrypted until you pay the required fee.
You’re being held hostage by ransomware.
Fortunately, your company created a data back up plan, it practices ransomware prevention , and you know the critical steps to remove the invader from your computer. These steps take time, but they can have your office back to business-as-usual within hours.
Does this sound too good to be true? It’s not.
Ransomware has been around since 2013. It’s a type of malware that encrypts your files and can prevent you from using your computer. The malware disguises itself as a legitimate file or email. Once opened, it may lock your computer and display a “lockscreen” with a message saying you must pay a ransom, usually with hard-to-trace bitcoins, to regain use of your computer.
Preparation is a vital part of prevention, but ransomware can still find its way into your computer system.
If that happens to your business’ network, don’t panic. First, contact your IT provider and then the authorities, including your local police and the FBI’s Internet Crime Complaint Center.
Then, examine your directories to determine which files are infected. If your documents have odd extension names, try changing them. Some ransomware uses fake encryption that makes you think your computer is locked but doesn’t actually encrypt it.
If this tactic does not work and you have your data saved elsewhere, reset your PC, reinstall your apps, and restore your data from the backup.
- Reboot Windows to safe mode
- Install anti-malware software
- Scan the system to find the ransomware program
- Restore the computer to a previous state with backup files
- Unplug removable storage like external hard disks
- Disconnect from any network shares by clicking the eject icon alongside their entries in the sidebar of Finder
If you did not create backup files or a disaster recovery plan, you might have to pay the ransom.
Try to contact the cybercriminals who initiated the ransomware. Ask for “proof of life.” Can they provide assurance you’ll get your data back? Don’t expect them to unencrypt your files for free. But they are businesspeople of sorts, and you may negotiate a lower ransom.
Ransomware is a lucrative endeavor for criminals, who constantly create newer, more sophisticated techniques to part you and your company’s money. Although no one method or tool will completely protect your organization from a ransomware attack, you can recover and continue doing business if you have trained your staff, created a disaster recovery plan, and duplicated backup information.
If you have any worries about the safety of your network, please call us at (833) 482-6435 or click the banner below to schedule an IT security audit so we can find the best security solutions for your business. Preparation for threats like this is a small cost compared to repairing the damage of an actual infection.
If you enjoyed this IT Support article, please check out other posts on our blog and join us on Facebook, Twitter, LinkedIn, and Google+ to see how else we can help your Greenville, SC or Atlanta, GA area business succeed!