Ransomware is a special type of malware that is actively spreading across the internet today threatening to destroy victim’s documents and other files. Ransomware is just one of many different types of malware which has become very common because it is so profitable for criminals.
Ransomware is commonly spread by emailing victims and tricking them into opening an infected attachment or clicking on a link to the attacker’s website. Once this particular type of malware infects your computer it will start encrypting your files or your entire hard drive. You are then locked out of your entire system or cannot access your important files. The malware will inform you that the only way to unlock your system to recover your files is to pay the cyber criminal a ransom to provide you with a password to decrypt your information. Most often the ransom is paid in some form of currency such as Bitcoin.
Should You Pay the Ransom?
The problem with paying the ransom is that often people pay these criminals when they are infected which motivates criminals to infect others. Though you may not have another option to recover your files, there is no guarantee you will get your files back. During the decryption process, you may be infected with additional malware. Decrypting after the ransom is paid doesn’t confirm the ransomware is removed from your device. Ransomware can stay dormant on your device and attack again later.
The best way to recover from ransomware without paying the ransom is to recover your files from backups. This way even if your computer is infected with ransomware you have a way of recovering files after rebuilding or cleaning up your computer. Keep in mind that if your backup can be accessed from the infected system, ransomware might delete or encrypt your backup files. Therefore, it’s important to back up files to either a reputable cloud-based service or to store your backups on external drives that are not always connected to your system. Be sure to regularly test that you can recover the files you need should your system become infected with ransomware. Backups are important as they also help you recover when you accidentally delete files or your hard drive gives out.
Further Protective Measures
- The more current your software, the fewer known vulnerabilities your systems will have and the harder it is for cyber criminals to infect them. Therefore make sure your operating system, applications, and devices are enabled to automatically install updates.
- Use a standard account that has limited privileges rather than privileged accounts such as administrator or root. This prevents many types of malware from being able to install themselves.
- Cyber criminals often trick people into installing their malware for them. They might send you an email that looks legitimate and contains an attachment or a link.
- Do not click on suspicious web browser popup windows
- Do not open files with file extensions that are likely to be associated with malware (e.g., .bat, .com, .exe, .pif, .vbs)
- Ensure that you have malware protection installed and do not disable malware security control mechanisms (e.g., antivirus software, content filtering software, reputation software, personal firewall) and make sure that they are continuously updated
- Do not use administrator-level accounts for regular host operation
- Do not download or execute applications from untrusted sources