Ransomware is a type of malicious software (malware) that locks down your files by encrypting or scrambling the information. This information can be unlocked with a key, and that key is sold to the victim as the ransom payment.
However, there is no guarantee that you’ll get the key or unlock your files after paying. After all, you’re doing business with a criminal who is willing to attack your personal information and property. They’re likely willing to do a lot more dishonest deals beyond simply hacking your system.
Ransomware attempts are not usually personal attacks. Like many malware events, there are traps all across the internet that can be launched in various ways.
Here are a few common ways that ransomware, and other malware, such as viruses or worms, can land on your systems:
- Clicking a malicious ad. Some advertisements are links to viruses. That might look like a great deal but could lead to more problems than it’s worth.You can hover your mouse over a link and read the address at the bottom of your screen on most computers, however, this doesn’t work as easy on mobile devices.
- Automatic launch from a malicious ad. In the late 2000s, someone figured out how to launch browser hijacks, pop-up ads, and viruses from ads, regardless of whether or not the ad is clicked.Many ads are provided through banner exchanges that cycle through multiple offers from anyone who purchases ad space, and a hacker could buy a slot to spread their malware.
- Automatic launch from a compromised website. Websites can be hacked, and visitors can be attacked by any number of viruses that hijackers add to the site.Websites are actually powerful platforms that can serve massive payloads of damaging files. Modern web browsers can shut down most automated attacks, but curious clickers can still compromise their systems.
- Embedded in fake or illicit files. Are you pirating? Don’t answer that.If you’re looking for free or alternative versions of software, ebooks, music, movies, or other digital content, you can end up on shadier parts of the internet where hackers and vigilantes may intentionally inject or swap the files you want for malware.
Can You Recover from Ransomware?
What can you do to reverse the effects of ransomware or at least get your files back?
First, make sure it’s actually ransomware.
Ransomware is a real threat, but the scare is big enough that many victims can be bluffed out of big money for small problems. The most dangerous ransomware examples use highly complex algorithms to scramble your files, but some weaker ransomware mimics are easier to thwart.
There is a specific type of ransomware that simply changes the extension of your files. Extensions are the 3-letter affixes attached to the end of your file name. Some examples include “.doc” for Microsoft Word documents, “.png” or “.jpg” for pictures, or “.mp3” or “.wav” for audio.
Some ransomware will simply change the extensions to random letters, or to a specific extension that can’t be read. In most cases, you can simply change the extension back or use an anti-virus program that has tools to reverse that damage.
If you’re not comfortable with removing viruses or changing extensions, let an IT consultant help you. Virus removal and system cleanup experts can diagnose the issue and help you figure out the easiest ways to get your computer back to normal.
If you really have ransomware, there isn’t much you can do. There are laboratories and individuals working on ways to crack the code of ransomware or to find mistakes that amateur hackers using someone else’s tools may have left behind, but it’s not a guarantee.
Your best protection against ransomware is to have a backup plan in place before ransomware strikes.
Backups and Recovery Support Can Neutralize Ransomware Demands
Ransomware’s biggest threat is in locking down information. While other threats can be attached to aid in spying or other forms of espionage, ransomware exists specifically to block your files until you pay up.
The best way to protect yourself is to have an up-to-date, tested, and clean backup plan in place. This means saving your information consistently, verifying that the backup can restore into a working system, and making sure that unintended malware is not on the backups.
One way to accomplish this is to use online backups that save your data to cloud services. A managed IT services company can help by providing a digital locker–a place in the cloud to save your information using internet access.
Using cloud storage protects your data in other ways. If theft, fire, or natural disaster occurs at your current location, your backups will be safe in another physical location. It could be somewhere else in the country or somewhere else in the world, and it all depends on the service you choose.
Another method is to use on-site backups. This could mean using an external drive or magnetic tape to back up your information. Ideally, you would store the backup drives somewhere separate from your systems to avoid mixing them up with current data or overwriting the wrong days.
For businesses, having multiple days of backups is crucial. What if a specific day had errors during backups? What if Thursday and Friday’s backups have ransomware, but you don’t have anything earlier? With multiple backups, you can reach back a few days without losing all of your progress and search for a cleaner, safer set of data.
A good backup plan only works well if you test it. If your systems have viruses for days, you could have multiple days of infected backups. Be sure to choose an IT professional who can check your backups and perform test restorations. The latter part is the most important; you should periodically test to ensure that you can restore from these backups otherwise they are useless when an emergency hits and it will be too late to fix the problem.
Restorations can be for full systems from the desktop and operating system to the smallest files, or simply copying the documents you care about. Restoring a snapshot of a working computer that can be reloaded if the computer fails is more complicated, but still simple for a backup professional.
There are multiple threats to businesses and individuals alike, but with proper training and the right software and settings on your systems, your tech world becomes safer every day.
Peters & Associates is dedicated to securing your network, with 24/7 monitoring and support, our Managed Services will never leave you guessing. Give us a call at 630.832.0075 or send an email to firstname.lastname@example.org to get started!
For more information on Microsoft Teams, check out this blog from our partner at Interlink Cloud Advisors.