So you have Ransomware, what do you do?

I've written a lengthy blog post about ransomware, but what if you just want a quick and simple answer?

Your machine is infected and you have this screen:

  1. Don't pay - Research suggests that payment will get your files back two thirds of the time
  2. Re-install your operating system - remembering to patch it!
  3. Create a standard user account for general use, and keep the administrator account for configuration changes only.
  4. Install a good malware protection solution, and update it
  5. Scan your machine with your newly installed and updated malware protection software.
  6. Re-install essential applications, remembering to check for patches, and switch on auto updates.
  7. Copy back data from backups, remembering to scan it as you do.  One of your backup files could be infected.
Going forward:
  • Be mindful of any email attachments or links within emails
  • Continue to update malware protection, operating system and applications
  • Ensure backups are happening to prevent data loss, and even consider multiple backup destinations
  • Only use the admin account for configuration changes
This advice is aimed more at home users, but you can see the relevance to organisations as well.  For a more detailed look at ransomware, and what approach an organisation can take, have a look here.

