June 8, 2018
Understanding and Handling Ransomware
June 8, 2018
Ransomware can infect systems via email with PDF or Word attachments or links to certain websites. It can also infect systems through malicious advertisements asking the users to click on a certain link, or attackers may use social engineering tactics, such as posing as government agents, to scare the user and receive the ransom immediately.
Ways to AttackRansomware either encrypts your data allowing you to enter the system or takes control of the entire system and forbids you from gaining access to the system.
Let us further understand these two types of ransomware.
- Locker Ransomware – Locker ransomware, like Reveton, was first seen in 2012, when it locked users’ computers and prohibited them from logging in. What displayed on the screen was a message that looked like it was coming from the FBI or a government organization accusing the user of involvement in illegal activity and asking him to pay a fine to resume the services.
- Crypto Ransomware – Crypto ransomware, like CryptoLocker, denies access to files or data through encryption. Once all the files are encrypted, the ransomware displays a message demanding money from the user so as to send the user the decryption code. Also, the message warns the user that the decryption code will not be received or will be destroyed if the money is not received within a stipulated time.
What Ransomware TargetsInitially, attackers targeted individuals, but gradually, they realized its potential to harm businesses and diverted their attacks to organizations. These attacks became successful in halting businesses’ processes and productivity and resulted in the loss of data and revenue.
What to Do Once AttackedIf you find your system infected with ransomware, never pay the ransom. This is a recent suggestion given by the FBI that will eventually help discourage the attackers and reduce such attacks. It has also been observed that one out of every five companies doesn’t get the data back, so it is pretty likely that you do not get your data back.It is important to prepare yourself and defeat ransomware attacks by taking some preventive measures.
- Keep a backup of your data. This backup must be updated regularly.
- Never provide personal or official information while answering an email, a call, or a text message.
- Software for scanning and filtering data at regular intervals must always be installed on your systems.
- Detect malicious activities by installing antivirus software and building a software firewall.
- If you detect any malicious activity, disconnect the system from the network immediately. This technique may or may not prevent all the files from being encrypted, but immediate action can definitely prove beneficial.
Fend Off RansomwareThere are some techniques that can help remove ransomware.If you can enter the system even after the attack, immediately put the system in safe mode and run an antivirus scanner to ward off malware.If the attack prevents you from getting past the system, then you can try some tricks mentioned below:
- Reinstall your operating system.
- Run an antivirus program via an external source such as a drive or a bootable disc.
- Implement System Restore and restore the unattacked data.