We’ve all had more on our minds than ever in the past year due to the global COVID-19 pandemic, political and economic uncertainty, natural disasters, and more. As such, it’s natural that we may have perhaps been less diligent than we should about cybersecurity and using online programs with care. Unfortunately, hackers were already out in force before the pandemic hit, but with millions of extra people working from home since 2020, they’ve been even more prolific. In turn, thousands of people have had their systems hacked. In particular, cybercriminals have used ransomware programs to make money by holding data and logins for ransom. If you’ve recently been stung by an attack, it’s critical to know some of the steps to take to deal with the problem.
Unplug Your Machine
Start by unplugging your machine right away from any other devices and your internet connection. You don’t want hackers to be able to lock you out of additional gadgets, such as other computers, tablets, and external storage drives, so disconnecting ASAP is imperative.
Cybercriminals can spread ransomware quickly through a network connection, so try not to allow them to do so. Don’t forget to “unhook” your logins to file-syncing platforms such as Google Drive and Dropbox, too. Acting quickly will provide hackers with less chance to cause havoc.
Work Out the Ransomware Type and Level of Damage
Next, see if you can work out precisely which type of ransomware has infected your computer. If you know, it’s easier to determine how to proceed. Most of this malware fits into three predominant categories: scareware, screen lockers, and encrypting ransomware. Some are worse than others.
You’re in a much better position if it’s scareware on your device since this is a hacker strategy where they try to scare you into paying a ransom but really, they haven’t done as much damage or locked you out like they make out. This fake ransomware should still allow you to read most files and navigate your computer systems, but you might notice multiple popups you haven’t seen before.
Screen lockers are infections that lock your computer screen so you can’t get past the notification that says you’ve been hacked and must pay a ransom. If you or a tech consultant can crack that lock, though, you should be able to access all your data. With this ransomware, many people see screen messages that purport to be from the FBI, police, IRS, or another government agency. The text states that a department has spotted illegal activity, and a fine is due to regain computer access.
The worst type of ransomware is the encrypting category. One example is the highly targeted RYUK ransomware that has stung people around the globe. This malware is horrible because it locks you out of all your files, including documents, emails, movies, photographs, and so on. It’s almost impossible to regain access to your data in this situation. Even if you do pay a ransom, many cybercriminals don’t hold up their end of the bargain and decrypt the info for you, choosing instead to grab the money and run.
See if You Can Locate the Source of the Attack
Once you know the type of ransomware you’re dealing with, see if you can locate the source of the attack. That is, where has a cybercriminal gotten into your systems? Perhaps it was via an email attachment or a virus-laden link. Hackers often find ways onto networks by learning passwords, breaking into internet connections, or infecting software downloads with surreptitious malware. Look for the initial entry point so you can better take measures to shut the hacker down.
Screenshot or Photograph the Ransom Notice
Another tip for dealing with a ransomware attack is to screenshot the ransom notice or take a photograph of it with your smartphone or another device. Capturing the details is vital if you want to file an insurance claim for business losses or computer replacement, and it’s helpful for the police, too. You can submit a report to the authorities to help them learn about the ransomware doing the rounds. The more information law enforcement agencies have, the more likely it is they’ll find and stop the perpetrators.
Use Software to Remove the Ransomware
Thankfully, ransomware removal tools exist in the market now. They clean ransomware from computers so device owners can use their machines again and know that no new files will get locked, deleted, or shared publicly. Be aware that even with this assistance, though, there’s often no decrypting your files, so you may have to start over from scratch.
Hopefully, you’ve kept backups of all your vital information over the years and can restore most of them if you can’t recover your data. If not, learn a valuable lesson about protecting yourself and your information, and work on ensuring you never get stung by a ransomware attack again.
Ryan Kh is an experienced blogger, digital content & social marketer. Founder of Catalyst For Business and contributor to search giants like Yahoo Finance and MSN. He is passionate about covering topics like big data, business intelligence, startups & entrepreneurship. Follow him on twitter: @ryankhgb.