What is ransomware already?
Far be it from me to provide you with a complete and complex definition like Wikipedia does so well . In summary, a ransomware will make the files on your hard disk, usb stick, smartphone etc. unreadable . These attacks are found on all media from the PC, to the Mac , including smartphones and tablets .
Another peculiarity is that some ransomware can spread on internal corporate or domestic networks . There have even been cases where the ransomware waits before activating (notably on Windows ISOs downloaded in illegal ways). Or more recently it is one of the methods of propagation of WannaCry .
1 – At the start of the attack isolate the PC / Mac
As soon as you realize that you have been the victim of ransomware the first thing to do is to disconnect it from the network as quickly as possible . We have already seen it in the past and WannaCry has just re-confirmed that ransomware can try once on your PC or Mac or to spread to other stations on the network . Whether via WiFi or wired connections in all cases disconnected as soon as possible the infected PC.
If you cannot disconnect the infected pc from the wifi, turn off the wifi while you finish processing the workstation . It is better for you to have an interruption in wifi for a few minutes / hours rather than having all your computers infected with ransomware.
2 – Attempt data recovery
If you have n’t set up a backup and very important files have been encrypted then you should be having a few cold sweats at this point. Keep calm and don’t pay the ransom . Why ? Quite simply you are not sure to recover your files.
With another PC, go to the following site: https://www.nomoreransom.org/index.html
The purpose of the site and to offer you help directly to free you from ransomware indeed there are tools developed by the majors of computer security that can help you recover your files and this for free .
Attention however there is not a solution for all the ransomware if it is the case of the ransomware of which you are victim and that you do not have a backup I am sorry, but you only have the poker stunt pay the ransom, again I don’t recommend it .
You can always contact computer security experts to help you, but there is a cost and it is not certain that they can help you find your files. At times mourning non-vital files will be preferable.
Last chance patience indeed over time a solution to decrypt the ransomware may see the light of day , but beware some ransomware impose a payment deadline before destroying your files. So if there is no recovery solution and your data is important, keep the disk safe while waiting for a solution.
3 – Reinstall your PC / Mac
If you have backups of your data do not try to restore your computer, reinstalling it properly will be more effective. If you had to first decrypt your data once it has been copied and saved, you must also reinstall your computer. For a person who is used to 2/3 hours everything is operational again in business your CIO or otherwise your service provider will be able to carry out these actions without the slightest concern .
Once reinstalled, update the product to 100% , do not forget the anti-virus even on Mac OS .
It is important to format and reinstall your computer if you have backups or recovered your data, since it is very likely that the hacker took advantage of the installation of the ransomware to install other malicious software .
Ransomware is not synonymous with disaster , if you take the right precautions upstream it will be just a little time wasted . If you do not have the possibility of recovering your data it can turn into a nightmare in business and sign the death knell for the latter .
Data backups are computer security what the car seat belt is one of the great basics to always use .
Bonus – In prevention make backups
The best defense against ransomware is to make backups of your workstations on External hard drives, so that it is really effective do not hesitate to have two hard drives with the same data. So if unfortunately during a backup you infect your disk and it is also encrypted you will still have a copy .
To properly manage your backups, you should not leave your backup disks permanently connected to your computer or the electrical network. It should ideally be placed in a lockable cupboard and if possible not a cupboard exposed to direct sunlight, because the discs support the heat, but if we can avoid them it is already taken for life of the disc.
Depending on your use, you will have to make backups more or less often between one per day to one per week or even per month if you have not modified / added important data for a long time.