Among all the different kinds of malware that infect systems and networks all around the world, the ransomware happens to be the most dreaded. This because ransomware is one malware that can block access to your system and cause you immense damage. It could make you pay hefty sums of money as ransom and it could even destruct your business. There are some ransomware that would even bypass the best antivirus software and other security tools.
Well, if at all you get affected by a ransomware infection, you need to know how the situation has to be tackled. For this, it’s important that there’s a general understanding as regards the different kinds of ransomware. Let’s take a look at the different types of ransomware and how ransomware attacks are to be handled:
The encrypting ransomware:
The encrypting ransomware will lock access to your files by encrypting them and then progressively deleting them. This will make you think of paying the ransom rather than spend time thinking how to tackle the situation. Hackers know that your files are important to you and you’d pay promptly when you realize that delays could lead to loss of critical data.
The solution– First, ensure it’s not a fake ransom notice and that it’s really a ransomware attack. Then, if you’re on Windows, try to open the Task Manager and then close the compromised application using Ctrl+ Shift+ Esc simultaneously. If it’s a Mac, close the compromised application in Activity Monitor using Command, Option and Esc. You should also try to recover your files- the encrypted one and the deleted ones; there are websites that help you with online decryption using decryption tools. You should also try your antivirus program.
Remember to take a screenshot or photograph of the ransomware notice so as to help you file a report if needed.
The screen-locking ransomware:
The screen-locking ransomware works by displaying a warning, allegedly from the FBI, the police or some other authority, stating that your system will remain unstable unless you pay the amount that’s demanded in the notice.
The solution– You could try to use the same keyboard shortcuts that you used for encrypting ransomware, but in most cases, you won’t be able to use keyboard shortcuts. Disconnect all connected peripherals- printers, webcams, external hard drives etc and then disconnect from the internet. Restart in Safe Mode by turning off the system and then turning it on while holding the power button and the S button on the keyboard. Mac users should reboot using Shift button during bootup. Then use a trusted malware removal tool to get rid of the ransomware.
If this doesn’t work out, try returning to an earlier system state by selecting ‘Advanced Boot Options’ at startup or search ‘Recovery Options’ from the Cortana-enabled search bar at the bottom-left corner of the screen (for Windows) or by restoring files in Time Machine (for Mac users) by using Command+Space+Time Machine. Then try cleaning your system using your antivirus software.
If that too doesn’t work out, file a police report; you should remember that you need to take a screenshot or a photograph of the ransom note at the outset for this purpose.
The best thing you can do:
The best thing that you can do is have all important files backed up. Thus if you are attacked by a ransomware, you could just get your system cleaned and move on, without having to pay the ransom to get the criminals to get back your files or to reinstall your OS.