Ransomware attacks are a major problem for companies, but also for private individuals. We at Ultra Updates explain how to secure yourself.
Ransomware is now causing more than 203 billion euros in damage per year. This makes this malware, especially for companies, the most expensive and dangerous threat. The ransom claims are lower for private individuals – the risk is not. Anyone who becomes the victim of a ransomware attack often loses a lot of private data and has to remedy the PC extensively.
What is a ransomware attack?
Ransomware, therefore, summarizes all malware in which the attackers make ransom demands. In most cases, ransomware is malware that searches for important data, is encrypted, and only releases against passwords. You get the password from the attackers against ransom – at least in theory.
In the past, there was also ransomware that only blocked access to the device with an insurmountable lock screen. Extensions have recently become more extensive attempts at blackmail, which are not about getting data back, but in which the attackers threaten to publish captured data.
Types of Ransomware
Ransomware is available in extremely different variants: some only encrypt, and others steal data beforehand. Not all of them can decipher the data again or it only happens incorrectly. With some ransom demands, an individual is behind it, for other company-like structures with support, reward program, and the creation of tailor-made ransomware-as-a-service. In the case of smaller extortion viruses, there are often decryption programs from security manufacturers or good white Hat hackers, rarely in professional malware.
How do I protect myself from ransomware?
The first protective wall against ransomware is a good antivirus program. In the best case, the malware recognizes this before it gets on the PC and causes damage. There are also approaches that help against unknown blackmail viruses, such as access restrictions on private folders or constantly current backup copies of all important data that are automatically replaced when the software detects a ransomware attack. Such extra protection functions can also be found in protective programs or sometimes in backup software.
What do I do with ransomware on the PC?
Once you have spread on your PC Ransomware, restart the PC with an emergency DVD, for example with the computer image emergency DVD. Then see if you can still access your data; Secure this, if possible. If you have a current backup, you can simply play it back.
On Google, see if you can find a decryption program (Decryptor) with the text of the extortionist message. If you don’t have a backup and no longer get your data, you have to decide: Either the encrypted data is so important that you want to risk paying the ransom, then do so and follow the decryption instructions.
There is no guarantee that you will get the data back. Or use the rescue media from antivirus manufacturers to eliminate the ransomware. Your data is then probably lost.
Decryptor: Free decryption tools
For some ransomware, there are decryption tools (Decryptor) that White Hat Hackers or Antivirus manufacturers have created. This is achieved by programming errors or because the developers of the ransomware withdrew and published the keys.
With such tools, you save your encrypted data without a ransom payment. Unfortunately, they are not available for all types of ransomware. On the nomoreransom.org website, you will find the crypto sheriff, which helps you to find the right decryptor.
Pay the ransom or not?
In most cases, Ultra Updates advises against a ransom payment. There is no guarantee that you will get your data back afterward. And most of it is easier and cheaper in other ways. However, there are also ransomware criminals that offer functioning decryption after payment.
Another reason that speaks against the ransom payment: they then give the hackers exactly what they want: their money. That motivates me to continue. However, companies often pay because the ransom payment is cheaper than rebuilding the IT infrastructure and are affected by data without which the company cannot continue. Some companies also fear that criminals publish the company data when non-payment. There may be a lot to come to light …