BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

3 Tips Will Help Save Your Computer from Ransomware

Quick Tips to Save Your Computer from Ransomware

Are you struggling to remove vicious ransomware from your computer? These quick tips will help you (safely!) access information on your computer and get back online in no time.  

Ransomware

You’ve heard about ransomware attacks, but never thought it could happen to you. That’s the beginning of the story that IT professionals around the world are hearing from users — business users, individuals, schools — there are no “safe spaces” when it comes to the ability of cybercriminals to wreak havoc on your technology. There’s always the option of paying the ransom, but this path is fraught with dangers. If the attacker doesn’t issue you the unlock code for your files, there’s no Better Business Bureau to report them, you lose the money you paid and will still need to work with professionals for ransomware removal. Understanding the three key variants of ransomware is the first step to potentially rescue your computer.

Three Main Variants of Ransomware

Ransomware is often classified into three main types:

  • Scareware, when a bogus antivirus screen pops up on your computer, letting you know that there are “many issues” and demanding money to remove the detrimental files. This is the easiest variant to resolve.
  • Lock-screen viruses are a more advanced attack and can be quite frightening. With this type of ransomware, you might be presented with an official-looking screen that you cannot navigate away from with details on sending money securely to remove the lock.
  • Advanced ransomware physically encrypts your files as well as locking access to them. It can be significantly more challenging to remove this type of ransomware without paying the fine. One example is Ryuk, where data recovery by professionals has only been successful approximately 3% of the time.

PC Rescue and Recovery Tips

While the other sure path to success is to work with a local technical professional to get everything up and running securely, you may be able to run through these tips and release your PC from the hostage situation.

  1. Enter Windows’ Safe Mode and utilize on-demand anti-malware scanning software such as Malwarebytes.
  2. If your anti-malware software isn’t successful, your next option is to attempt to restore to a point in time when your computer was safe and free from infection. You can complete this task by shutting down your PC completely. For Windows 7: Restart your computer, pressing the F8 key repeatedly and then selecting “Repair Your Computer”, log on and select System Restore. For Windows 8, 8.1 or 10: Hold down the Shift key, select Restart which will reboot your computer to the recovery screen. From there, you will select “Troubleshoot” “Advanced Options” “System Restore”.
  3. If your system restore attempt is unsuccessful, your next option is to attempt running anti-malware software from a USB drive or bootable disk. The following trusted vendors have solutions available: BitdefenderAvastKasperskyNorton and Sophos.

The final step in the recovery process often involves finding your lost files and attempting to restore any additional systems settings that were lost during the process.

Ransomware recovery is a pain at best and very expensive at worst. A strong defense is your best option and installing a strong anti-malware and antivirus software package will help repel the vast majority of attacks before they can take hold. However, the only sure-fire method of ensuring you don’t lose anything in a ransomware attack is to create full and complete external backups. With ransomware attacks surging 77% in 2019, there’s always the possibility that you will never retrieve your priceless memories and private files without a solid backup plan in place.

More Like This

AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices

Original release date: July 27, 2020 Summary This is a joint alert from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). CISA and NCSC are investigating a strain of malware known as QSnatch, which attackers used in late 2019 to target Network Attached Storage (NAS) …

AA20-209A: Potential Legacy Risk from Malware Targeting QNAP NAS Devices Read More »

Read More

AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902

Original release date: July 24, 2020 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this alert in response to recently disclosed exploits that target F5 BIG-IP devices that are vulnerable to CVE-2020-5902. F5 Networks, Inc. (F5) released a patch for CVE-2020-5902 on June 30, 2020.[1] Unpatched F5 BIG-IP devices are an attractive target …

AA20-206A: Threat Actor Exploitation of F5 BIG-IP CVE-2020-5902 Read More »

Read More

AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

Original release date: July 23, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and ATT&CK for Industrial Control Systems frameworks for all referenced threat actor techniques and mitigations. Over recent months, cyber actors have demonstrated their continued willingness to conduct malicious cyber activity …

AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems Read More »

Read More

AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation

Original release date: July 16, 2020 Summary This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) and Pre-ATT&CK frameworks. See the MITRE ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. Attributing malicious cyber activity that uses network tunneling and spoofing techniques to a specific threat actor is difficult. …

AA20-198A: Malicious Cyber Actor Use of Network Tunneling and Spoofing to Obfuscate Geolocation Read More »

Read More

AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java

Original release date: July 13, 2020 Summary On July 13, 2020 EST, SAP released a security update to address a critical vulnerability, CVE-2020-6287, affecting the SAP NetWeaver Application Server (AS) Java component LM Configuration Wizard. An unauthenticated attacker can exploit this vulnerability through the Hypertext Transfer Protocol (HTTP) to take control of trusted SAP applications. …

AA20-195A: Critical Vulnerability in SAP NetWeaver AS Java Read More »

Read More

AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor

Original release date: July 1, 2020 | Last revised: July 2, 2020 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) and Pre-ATT&CK framework. See the ATT&CK for Enterprise and Pre-ATT&CK frameworks for referenced threat actor techniques. This advisory—written by the Cybersecurity Security and Infrastructure Security Agency (CISA) with contributions from …

AA20-183A: Defending Against Malicious Cyber Activity Originating from Tor Read More »

Read More