Responding to Ransomware #3
Posted By: Claire Thursday 26th August 2021 Tags: Cyber Security, data recovery, ransomwareHow bad is it?
This is the third article in a series of articles on Ransomware. The first article dealt with the choice on whether to pay the ransom. The second article dealt the places that you could go for help.
This article deals with the types of Ransomware that you can have; and in general terms, how to get rid of them.
There are three broad categories of ransomware. These are scareware, screen lockers and encrypting ransomware.
Scareware
The first, category, Scareware, isn’t ‘ransomware’, but it’s often perceived by many as such and for that reason it’s included here. Scareware, is also included here because it’s a common path to the installation of ransomware and other malware through deception (social engineering). Scareware looks to exploit a perception of threat, a threat that is exaggerated or non-existent, to extort money. A common fable is that you have an infected computer that must be sanitised in some way. This fiction might result from an errant program on your computer or some stranger calling you to inform you that your machine is infected, and you need to install an ‘antivirus’.
To be clear, when you have a screen come up on your computer telling you that your machine has a virus, this might not be the case. If there are instructions to take you to an unfamiliar site, or to call an unfamiliar number, it’s probably a bad idea to do so. If you get a call from your service provider, your computer manufacturer, a famous software firm or social media company telling you something like “We have detected a virus on the network, we need to run a malware test on your computer.”, it probably isn’t true.
In such circumstances, never do what the stranger tells you to do and never install a stranger’s software on your machine. Remember that when you see one of these messages on your machine, you have no idea where the message has originated from. Some stranger calling you to tell you that there’s a problem with your computer, is just some stranger, no matter who they say they are. Hang up on them, click nothing, visit no sites. If there’s some warning alert on your machine, you need to get help from a reliable source, but thankfully, it should be an easy issue to fix.
Scareware, is a sort of confidence trick.
Screen-lockers
A screen-locker, as the name says, is software that will stop you from using your machine. The steps you need to take here are as follows.
| 1 | Record the moment | Make notes on where you think you picked this issue up and take photographs. If your problems turn out to be worse than expected, you’ll be able to refer. |
| 2 | Unplug | Disconnect everything, network, any external drives. Disconnect all data paths into the machine. |
| 3 | Restart | Reboot the machine in safe mode. |
| 4 | Clean-up | Install and run some reputable antivirus software. |
You don’t have to do this on your own, an MSP like LaneSystems will help you with something like this. Our technicians
Encrypting ransomware.
This is the worst sort of ransomware. Your files will be locked, and your data may be lost forever.
You probably need help. Paying a ransom is no guarantee that you’ll get your files back.
While there are opportunities, for some, to unpick the damage that is done, with this sort of ransomware you probably need to have the services of someone who has some expertise in this area.
To finish
The best way to fix the problems caused by Ransomware is to take proper precautions and not to have your machine or machines infected in the first place. If you do get infected, some forms of infection are worse than others. If you do have the worst kind, even the help of experts may not help you get your data back.
