How to prevent and recover from cryptoware

Cryptoware (aka Ransomware) is one of the most dangerous, annoying and frequently experienced attacks on home and business computers.

Whereas once we were afraid of viruses that upset the functionality of our computers, or monitored what we were doing in the background, this new age of sophisticated viruses takes complete hold of our entire system – locking away our files until we agree to pay a “ransom” to unlock them.

If you treasure your family photos, your university papers, or your business documents, falling prey to cryptoware can cause huge headaches for you. And unless you have proper backups of everything on your computer, you have a serious decision to make:

Do you pay the ransom, or lose all of your files?

What cryptoware looks like

If you’re attacked by cryptoware, it’s unlikely that you’ll know about it until after you restart your computer. Or while you’re working, your files or documents may start to play up.

Once you restart, your computer may open to a message like this (or have a file that contains a similar message):

You won’t be able to access any of your files, or create new files. If you were accessing a shared folder on a network (housed on an external server), it could also be locked.

You may find a text document on your desktop with instructions on how to pay the ransom to an anonymous cryptocurrency wallet.

The initial ransom could be around USD$1500. And it can be tempting to pay this and move on. But unfortunately, that’s usually not the case. While you may get your files back in the interim, the virus still sits on your computer, monitoring everything you do. A few weeks, or even a month, may pass before they lock everything down again and ask for more ransom.

What to do if you’re attacked by cryptoware

If your computer is compromised, there are only 3 ways to recover:

  1. If you have an effective backup, you can hire an IT company to re-format, reload and restore your computer to its original state.
  2. If you don’t have a backup, you can choose to pay the ransomware, or lose all of your files.
  3. If you’re happy to pay a highly experienced security specialist, they may be able to decrypt your drive.

If you haven’t been impacted by cryptoware yet, you still have an opportunity to protect yourself against the likelihood of a future attack.

How to prevent against cryptoware

The best way to prevent against Cryptoware is to do regular, thorough backups and be extremely careful of anything you download online.

Perpetrators often use email as a way of sending links that either contain a dangerous download, or a send you to a website that then encourages you to download the virus.

These emails may mimic emails from other service providers, or even government departments. The ATO, for example, is notorious for falling prey to copy-cat emails that tell you to view or download a document that relates to your tax.

The other way you can fall prey to dangerous downloads is when hackers compromise an otherwise trusted website. For example, you may go to a real estate agent’s website, or a major car company website, and attempt to download a brochure. Unknown to you, the brochure has been compromised and actually contains Cryptoware.

To prevent against Cryptoware, you should:

  1. Never, ever click a link in an email without thinking. Look at the email address the email has come from, and hover over the link until it shows where the link will take you. If it seems suspect, DON’T click it.
  2. Get yourself enterprise-quality anti-virus software. General consumer products can be poor at detecting and preventing illegal downloads.
  3. Backup, backup, backup.
  4. Hire an IT company to actively manage your security. At Empreus IT, we are alerted in real time to any attacks on our clients’ computers, and may be able to prevent them before they cause serious damage. We also perform regular, thorough backups to ensure the integrity of all of your data files.

The expense of any of these preventative measures is nothing compared to what you will have to endure if you’re attacked by cryptoware.

Our managed antivirus solutions are available from just $50 per computer per month, and will give you peace of mind, and potentially save you thousands on recovering from a cryptoware attack.

For more information on how we can help you prevent against cryptoware, or recover from cryptoware, please call (02) 6189 1322 or contact us now.