BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

3 Tips Will Help Save Your Computer from Ransomware

Quick Tips to Save Your Computer from Ransomware

Are you struggling to remove vicious ransomware from your computer? These quick tips will help you (safely!) access information on your computer and get back online in no time.  

Ransomware

You’ve heard about ransomware attacks, but never thought it could happen to you. That’s the beginning of the story that IT professionals around the world are hearing from users — business users, individuals, schools — there are no “safe spaces” when it comes to the ability of cybercriminals to wreak havoc on your technology. There’s always the option of paying the ransom, but this path is fraught with dangers. If the attacker doesn’t issue you the unlock code for your files, there’s no Better Business Bureau to report them, you lose the money you paid and will still need to work with professionals for ransomware removal. Understanding the three key variants of ransomware is the first step to potentially rescue your computer.

Three Main Variants of Ransomware

Ransomware is often classified into three main types:

  • Scareware, when a bogus antivirus screen pops up on your computer, letting you know that there are “many issues” and demanding money to remove the detrimental files. This is the easiest variant to resolve.
  • Lock-screen viruses are a more advanced attack and can be quite frightening. With this type of ransomware, you might be presented with an official-looking screen that you cannot navigate away from with details on sending money securely to remove the lock.
  • Advanced ransomware physically encrypts your files as well as locking access to them. It can be significantly more challenging to remove this type of ransomware without paying the fine. One example is Ryuk, where data recovery by professionals has only been successful approximately 3% of the time.

PC Rescue and Recovery Tips

While the other sure path to success is to work with a local technical professional to get everything up and running securely, you may be able to run through these tips and release your PC from the hostage situation.

  1. Enter Windows’ Safe Mode and utilize on-demand anti-malware scanning software such as Malwarebytes.
  2. If your anti-malware software isn’t successful, your next option is to attempt to restore to a point in time when your computer was safe and free from infection. You can complete this task by shutting down your PC completely. For Windows 7: Restart your computer, pressing the F8 key repeatedly and then selecting “Repair Your Computer”, log on and select System Restore. For Windows 8, 8.1 or 10: Hold down the Shift key, select Restart which will reboot your computer to the recovery screen. From there, you will select “Troubleshoot” “Advanced Options” “System Restore”.
  3. If your system restore attempt is unsuccessful, your next option is to attempt running anti-malware software from a USB drive or bootable disk. The following trusted vendors have solutions available: BitdefenderAvastKasperskyNorton and Sophos.

The final step in the recovery process often involves finding your lost files and attempting to restore any additional systems settings that were lost during the process.

Ransomware recovery is a pain at best and very expensive at worst. A strong defense is your best option and installing a strong anti-malware and antivirus software package will help repel the vast majority of attacks before they can take hold. However, the only sure-fire method of ensuring you don’t lose anything in a ransomware attack is to create full and complete external backups. With ransomware attacks surging 77% in 2019, there’s always the possibility that you will never retrieve your priceless memories and private files without a solid backup plan in place.

More Like This

AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities

Original release date: September 15, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) with contributions from the Federal Bureau of Investigation (FBI). CISA and …

AA20-259A: Iran-Based Threat Actor Exploits VPN Vulnerabilities Read More »

Read More

AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Original release date: September 14, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies. CISA has observed these—and other threat actors with varying degrees of …

AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity Read More »

Read More

AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity

Original release date: September 1, 2020 Summary This joint advisory is the result of a collaborative research effort by the cybersecurity authorities of five nations: Australia,[1] Canada,[2] New Zealand,[3][4] the United Kingdom,[5] and the United States.[6] It highlights technical approaches to uncovering malicious activity and includes mitigation steps according to best practices. The purpose of …

AA20-245A: Technical Approaches to Uncovering and Remediating Malicious Activity Read More »

Read More

AA20-239A: FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks

Original release date: August 26, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), …

AA20-239A: FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks Read More »

Read More

AA20-227A: Phishing Emails Used to Deploy KONNI Malware

Original release date: August 14, 2020 Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. The Cybersecurity and Infrastructure Security Agency (CISA) has observed cyber actors using emails containing a Microsoft Word document with a malicious Visual Basic …

AA20-227A: Phishing Emails Used to Deploy KONNI Malware Read More »

Read More

AA20-225A: Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails

Original release date: August 12, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that the cyber actor is using for …

AA20-225A: Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails Read More »

Read More