Ransomware: Type of malware (malicious software) that locks your computer screen and prevents you from accessing your files and asks you to pay a certain fee (ransom) for you to get back and control over your computer.
These malware sometimes come in the form of a fake antivirus installer which when clicked into the computer then accesses your files and sends details to another server used by the criminals. It is also possible to download ransomware unknowingly by opening infected attachments in emails or unsecure websites.
WHAT TO DO TO PREVENT ATTACKS FROM RANSOMWARE
- First and foremost the best on can do to avoid any data loss not only from ransomware attacks but any other form of attack is to back up your data regularly preferably using a backup plan such as the 3-2-1 plan which entails that you make 3 copies of the data, store it in 2 separate storage from where it is initially stored and 1 in a separate location.
- Scrutinise emails and embedded links/attachments found in emails or unsecure websites before clicking on them to avoid any unnecessary installations into your computer that may be the ransomware itself.
- Regularly update software, programs and applications as these updates tend to add an added layer of protection and also patching up backdoors that could be used by criminals and other online threats to gain access to your computer.
- Disconnect computer from Wi-Fi or unplug from internet immediately you open an attachment and it starts installing unnecessarily being that it’s not an executable file or the website isn’t secure or the email comes from a source you don’t trust. If you act fast before the characteristic ransomware screen pops up, you can stop communication between the ransomware and the server used to send the encryption key to your computer. This might reduce the number of files that will be encrypted by the ransomware and also buy you some time to back up your data just in case you hadn’t done so.
- Use system restore which might help you restore your computer to a former known clean state. This however may not really work since the ransomware have newer versions which are able to delete ‘shadow files’ which are vital for the system restore but it’s worth a try.
NB: The most common ransomware today is one called CryptoLocker
The chances of data recovery in cases of ransomware attacks are very minimal thus we advise prevention of these attacks as there is no known solution for these attacks at the moment. The only known way is to pay the ransom which is the advisable also as the decryption key might not be sent to your computer to decrypt the files or it might not even work and the criminals might even try extort more money from you and it becomes a repeating cycle. Secondly it also encourages such criminal acts.