What to Do After a Ransomware Attack

A ransomware attack can be devastating, but there are some steps you can take to contain the damage and recover your files.

What are the steps you need to take after a Ransomware attack?

Ransomware has been around since the 1980s. The WannaCry event that affected more than 230,000 computers worldwide in May of 2017 brought ransomware to the public consciousness.

But what do you do if you are a victim of a ransomware attack? Here are the steps:

  1. Isolate the infection – Contain the damage so that the infection does not spread to your other files. You can do this by disconnecting the computer from the network and isolating the hard drive.
  2. Identify the type of infection – You can search on Google based on the message or some other evidence on your computer. There are identification tools available to help you do this. Meanwhile, you can also hire specialists to determine the type of malware strain and recover your files.
  3. Clean the machine – You can use various anti-malware tools to disinfect your computer. But it is not a guarantee that you can recover your files. However, you can ensure that your network will not be affected.
  4. Recover your files – Although it is no guarantee that you can recover all your files, you can salvage most of them, at least. There are proprietary software tools that enable you to do this. A better method is to hire a third-party service provider, which has a higher chance of recovering all your files.
  5. Report the event – Using your cellphone camera, take a photograph of the ransom message on the screen. You do this before you disconnect and power off your machine.

What is ransomware, and who is most vulnerable?

Ransomware is a type of malware that penetrates a system or file, which then restricts access until the owner pays a ransom. The overarching goal is extortion or blackmail, and the owner will be given instructions on how to secure the decryption key. Payment can be in the form of cash or, in recent years, bitcoins.

Users without ample protection or those who are not aware of how phishing works are at risk of becoming victims. Phishing spam sends seemingly innocent files to prospects and then infects the computer once they are downloaded and clicked. According to Beazley Group, small and medium-sized businesses are most at risk.