Despite your best efforts to protect yourself from possible security threats, you might still end up being a victim; with reports showing there is an attack every 40 seconds.
Various attacks put your system under risk; one of them is ransomware.
What is Ransomware?
Ransomware or ransom malware is a form of malware that prevents valid users from accessing a system or a network unless a form of payment is done. According to Intermedia, it is the second most significant threat after hardware failure.
Ransomware varies depending on the level of danger it poses.
- Scareware:
In this type of ransomware, a user will receive a pop-up message notifying them that malware has been discovered in their system, and they have to pay to get rid of it. The pop-up messages will continue, but the files within the system mostly remain safe.
- Screen lockers:
Lock-screen ransomware entirely freezes you out of your PC asking you to pay to regain control.
- Encrypting ransomware:
In this type of ransomware, attackers will attain access to your files and encrypt them, and the only way to get them decrypted and redelivered is to pay them.
How is ransomware spread?
The most common method attackers use to infect a computer or system with ransomware is through phishing or mail spam. Mail spam makes use of social engineering to trick users into opening or clicking links by making them appear legitimate.
Another way is through the use of malvertising. Malvertising distributes malware, often ransomware, through online advertising with little to no user interaction needed.
Ransomware is not the only malware that can affect your computer. Attackers might make use of Viruses, Worms, Trojans, Spyware, among others, to cause harm to your computer or an entire system. It is essential that you take the necessary measure to safeguard your data in the case of an attack, but what happens once you notice your computer is already infected?
What you can do after an attack
- Identify infected computer and unplug network cable
In case you are connected to a network with more than one user, identify the source of the infection and take them offline immediately. This will help to limit the intrusion.
- Change passwords
Remember to change your passwords making sure that any potential information obtained during the attack cannot be used against you.
- Do not turn off the infected computer
Once the infected computer has been disconnected from the network, leave the device on to avoid losing information that would analyze the attack.
We highly recommend contacting an IT professional to complete the following:
- Verify backups before attempting restore
Before restoring backed up files, make sure that they are current; you do not want to start a restore and have it fail.
- Do not pay the ransom
In the case of ransomware, it is widely agreed that one should avoid paying the ransom.
- Boot in safe mode
Once you have backed up the files, boot the machine while in safe mode. This allows you to isolate the problems much easier. Scan the computer using tools that detect and remove infections.
- Delete temporary files and system restore points
While restore points can be helpful, they might contain malware, deleting them ensures the malware is completely removed from the computer. Further, delete unnecessary programs and files.
Setting up your system in a way that allows quick and effective data recovery in case of an attack determines the level of damage your system is prone to. At Total Computer Solutions, we can help assess your system's back up, and data recovery capabilities and further assist you in optimizing it in the best way possible to mitigate malware attacks.
