Criminals have been thinking up ways to leverage the internet for nefarious purposes since its earliest years. Black markets, identify theft, and malware have become ever-present threats. Cybercriminals make an estimated $1.5 trillion each year. And of that massive sum, $11.5 billion is skimmed from businesses and individuals through ransomware.
What is Ransomware?
It is a kind of malware that silently works its way into your system, encrypts important system and personal files, and demands payment – or a ransom – for the decryption key. The ransom demanded can range from a couple hundred dollars up to thousands, paid via a credit card of cryptocurrency like Bitcoin.
So… How Could I Get Ransomware?
Like other kinds of malware, ransomware is often transmitted through phishing attacks. The hacker will send an e-mail that appears legitimate but includes an infected attachment. When you download and open the attachment, the ransomware will be released. It will immediately go about encrypting your files and locking you out from accessing them.
While some ransomware attacks are random, the majority are directed at targets that have low security measures or need consistent, fast access to sensitive files. Because of this, small and medium-sized businesses, medical facilities, and law firms are some of the most common victims of ransomware attacks.
What Should I Do if My Computer is Infected?
Since ransomware’s whole purpose is centered on demanding payment for your files, you’ll know if your computer is infected. You’ll likely get a notification that your files have been encrypted and will not be released until you’ve made payment. Sometimes, the message will even purport to be from a law enforcement agency, claiming that pirated software, child pornography, or other illegal digital goods have been discovered on your system. Then, the message will demand that you pay a ‘fine.’ Either way, you’ll face a choice: Will you pay or won’t you?
It’s universally advised (including by the FBI), that you do not pay the ransom. Instead, you should contact your local FBI field office so they can conduct an investigation. The sad reality is, even if you pay the ransom, there’s no guarantee you’ll get your files back. And if you do pay it, you’ll only be offering an incentive for hackers to continue with their ransomware attacks.
Can Ransomware Be Removed?
So, what should you do if your computer is hit with ransomware? Reboot it in safe mode, install virus protection software, scan your system to discover and remove the ransomware, and (if needed) restore your computer to a previous state. While this process will remove it from your system, it will not decrypt any encrypted files.
Once ransomware has encrypted your files, it’s almost impossible for you to get them back. Today’s encryption technology is simply too advanced to be broken without the right decryption key.
So, yes. it can be removed. But any affected files will likely be lost forever. That’s why it’s so important to have a robust digital security system in place before you get hit by a ransomware attack. Ultimately, that’s the only way you can keep your business or organization safe from this growing cyberthreat.
Fortunately, Mazteck has years of experience in helping clients recover from ransomware attacks and preventing further attacks. If you’d like to learn more about how we can safeguard your business or organization, take a look at our cyber security solutions.