Small Business IT Services

Hit by Ransomware? Don’t Panic!

​​ Hit by Ransomware? Don’t Panic!

 This weekend the world reeled from a massive ransomware attack called WannaCry.  Hospitals, major companies and government offices were hit by a virus that seeks to seize control of computers until the victims pay a ransom.

It’s your worst nightmare. You bring up your computer, and you see a message telling you that all your files are encrypted, and that you have to hand over money if you ever want to see them again. Your first impulse on seeing a ransomware message is to panic.

Panicking is exactly what they want you to do. The criminals who disseminate ransomware want you to make a frightened, hasty decision to pay them. The message may tell you that more files will be encrypted if you don’t respond quickly, or that after a certain length of time you won’t be able to get them back at all.

Don’t panic. We may be able to help.

Paying is a last resort

Sometimes people have no choice but to pay. Hospitals are favorite targets, because any lost time could endanger lives. But you should weigh your decision carefully, and if there’s any reasonable alternative, you shouldn’t pay.

  • Paying supports crime. You’re rewarding the crooks’ actions and providing them with more resources.
  • There’s no guarantee you’ll recover your files. These people are crooks, after all.
  • It may not be necessary. You may be able to undo the damage without their cooperation.

Not all ransomware is the same. We can rank it on a rough scale of difficulty:

  • Pure bluffing. Some "ransomware" just puts up a pop-up window claiming your computer is locked up. Force-quitting the browser is usually enough to get rid of it. Another kind of bluffing is a claim that your files will be reported for illegal content. There’s rarely, if ever, any substance behind the threat.
  • "Locking" ransomware. This kind doesn’t damage any files but just prevents you from running applications. We can remove it and get your machine back to normal.
  • Broken encryption. Some ransomware really encrypts files, but in ways that have known remedies.
  • Serious encryption. Unfortunately, some kinds of ransomware really do encrypt files in a way that’s unbreakable without the decryption key.

Check your backup

If you have a recent backup of your files, you can restore them without too much trouble. Make sure to disinfect your system first, or the same thing will just happen again. Also make sure you still have a good backup. Ransomware tries to encrypt any attached drives it can find, precisely so you can’t recover from a backup.

An offline cloud backup is the safest. It backs up files through an API rather than treating the backup as another storage device, so ransomware shouldn’t have any way to get at it.

Talk to us first

Your first reaction on seeing a ransomware message should be to draw your hands away from the keyboard, take a deep breath, and think about your options. Your next response should be to give us a call. We can examine the effects on your computer and tell you what is possible. There’s only one other thing you should do right away: Disconnect your computer from the network, so the damage can’t spread to other devices.

In some cases, we can remove the malware and restore any damaged files. We may be able to assist you in restoring files from backup. It may turn out that your only options are to pay the extortionist or lose files, but we’ll help you explore all other options before that.

Whatever the situation is, you need a thorough malware checkup after getting a ransomware message. There may well be other malware on your computer, ready to make a second round of demands or to steal information. You need to make sure that when the nightmare is over, nothing remains lurking on your machine. Checking the other devices on your network at the same time is also a good idea.

Prevention is the best treatment

Of course, it’s best if your computer doesn’t get ransomware at all. We can help you to set up computer and network security to keep the large majority of attacks from getting through, and to maintain reliable backups so that you can recover if the worst happens. Contact us to learn about the services we offer, and then you’ll be able to sleep without nightmares.