What is Ransomware & what can you do?
by jon knowles
What is it Ransomware?
Ransomware is a type of malware that infects your computer restricting access to files or functions in an attempt to extort money from the victim. Different variants have different objectives, but some of the most common ones at the moment aim to encrypt all of your personal files making them useless and then charging you for a key to retrieve them. Some of the strains are capable of also encrypting files in network locations, meaning that if you have shared folders on your home or business network then they are often encrypted too.
The various types of ransomware have names such as Cryptolocker, CryptoWall, TorrentLocker, CTB Locker, Locky, Samas and Cryptolocker2.0.
Many of the variants will have some sort of timer which will delete the data after a number of days or will put the price up. Some other types of ransomware aim to lock your computer and deny access to it unless you pay a specified amount of money.
How Do You Get Ransomware?
Ransomware can get onto your computer in many different ways. The most common way would appear to be through malicious E-Mail attachments. Many of these often look like legitimate E-Mails, such as from a shipping courier with a missed delivery or an invoice for a product.
Other ways that your computer get infected include websites with malicious code and or plugins, exploit kits that target weaknesses in your system or via file transfer from computer to computer.
Best for of attack is DEFENSE!
As always the best way to protect yourself is to have a good defence system set up. Read our guide on protecting your data for some in depth tasks that anyone can perform to help keep you and your data safe. As a minimum you need to ensure that you follow these rules
- Keep your system and applications up to date with the latest security patches
- Have a fully working and up to date anti-virus
- BACK UP YOUR DATA!
IF you are unsure on how to keep your system safe then contact us for help and advice.
What can you do about it?
If you are already infected then follow the advice below to maximise the chance of recovering data
- As soon as you notice an infection on your computer turn it off at the wall. Many variants of ransomware will take a little time to encrypt a computers files .This means that acting quickly leaves you with a better chance of recovering your files. Some strains also don’t delete the system volume shadow copies until the end of encrypting so you may be lucky and still be able to recover your backups.
- Prevent any other computers on your network by unplugging the infected machine.
- Check your other networked machines to try and find any symptoms preventing further data loss.
- Contact us for free advice and guidance on what we can do to recover your data and remove the infection.
Alternatively you can try www.nomoreransom.org, a brilliant site for further advice and guidance. This website also provides some tools that can on rare occasions decrypt affected files.
How Can JKCWS help?
What and how we can help will depend on many factors such as the ransomware variant, the version and how far it got in attacking your computer. After making contact with us we can discuss your options and try to recover your data for you, we have access to a number of different methods for data recovery.
Our service includes :
- Removing all traces of the infection
- hardening your computer against further attacks
- Returning your computer to its original state
- FREE advice and guidance on preventing further attacks