Tips to Recover Data and Prevent Ransomware
For those unfamiliar with ransomware it’s a rather nasty kind of malware as it encrypts all your important files making them unreadable, until you pay the ransom demanded. Once you make payment the hacker should unencrypt your files. I say “should” as there are known instances where the hacker took left the files unusable.
Now for some good news – the following are tips for prevention and recovery.
- Create a plan – The time to figure out how you would respond to such an incident is NOT the minute it happens. Figure out in advance who to call for help, what your passwords are, where your install disks and other important items.
- Backup and test – To protect yourself from various risks, including ransomware, you need a good backup strategy, which must include monitoring backup status and testing of the restore process to ensure restored files are usable.
- Use antivirus software and firewalls – Much has been written of late about the weaknesses of antivirus software, and to some extent firewalls. The fallacy of this argument, however, is that for every malware item with newer signatures in the wild, there are hundreds still making the rounds that have older signatures, and can thus be blocked.
- Perform software updates – Ransomware, like many malware programs, makes use of vulnerabilities in Windows, OS X and other software to infect your systems. You must faithfully ensure that updates get applied.
- Restrict mapped drives – Make sure that server drives are only mapped to the user PCs where they are actually needed. Use read-only folders where possible. If an infected PC cannot access the server drive, it cannot infect it.
- Know who uses your PCs – Restrict the use of each PC to only authorized people. In an office environment, keep them locked down, so that maintenance personnel cannot use them for a quick Web search.
Bottom line: The best cure for ransomware is diligent prevention. Once you are infected, your options may be limited, expensive and unpleasant.