Ransomware is perhaps one of the nastiest forms of malware out there. Once the ransomware infects a PC or server within your organization, it proceeds to encrypt or “lock” all the files it can access. On a desktop connected to a server, this can also mean all the files on any shared drive.
Once the infection has taken hold, you are unable to open any of the files it has encrypted. Trying to do so will, in most cases, trigger a warning that your system has been infected, and that you must call a phone number or proceed to a website to de-crypt your files. Regardless of the method, the “bad guys” are after one thing, money. Even if you would make the decision to pay them, there’s no guarantee they won’t demand more later, or that they will even de-crypt your files once you pay. That makes paying them not a desirable option, and, hopefully, your network is prepared so it’s not even a consideration to pay them.
So, what do you do if you’ve become infected? Most times, the most efficient answer is to restore from backups. After the PC or server where the ransomware entered has been cleaned, and your backups have been restored, you may be back to where you were before the ransomware.
If your backups are suspect, untested, or non-existent however, data loss may very likely occur. For that reason, in addition to managed, updated antivirus and anti-malware, your most important defense against ransomware is REGULAR, MANAGED, TESTED BACKUPS. We can’t emphasize that enough. The time to test is NOT after you’ve been infected.
Don’t know if your backups have been tested, or even if they have been running, or if your anti-malware/antivirus software is current and up to speed? Request A Complimentary Consultation Today.