How To Protect Your PC From Ransomware

Ransomware viruses are used to extort money from a person or company by encrypting and locking all of your PC or network files. The following list offers tips on avoiding infection by ransomware or similar viruses.

  1. Run an up-to-date antivirus. A good antivirus may prevent you from opening a malicious file from email. This is not a catch-all: many viruses and ransomware will still infect your PC even if you are running up-to-date computer security.
  2. Have a strong password on your PC and email access.
  3. Don’t click on email attachments from people that you do not know. If unsure, you can contact your IT provider to confirm whether an attachment is malicious.
  4. Even if you do know the sender, be wary of attachments. If you are unsure, it is best to contact the sender via telephone and confirm that the email is legitimate.
  5. Take note of the language used in the email you have received. Ransomware will usually be sent with a generic text email and will sometimes look unusual or out of place.
  6. AVOID ZIP FILES. Invoices, statements and price lists should not require zip files. Once again, contact and confirm with the sender before opening any zip files.
  7. Be wary of downloads from websites. If you are unsure whether a file is legitimate, do not install it.
  8. If you have opened a malicious file and activated a virus or ransomware, shut down your computer ASAP. If you cannot do so via the Start menu > Shut down option, hold down the power button on the front of your PC for a few seconds. Call your IT support and let them know. This can minimize the damage caused by ransomware.

Follow these tips, but above all remember: if it doesn’t feel right, don’t open it.
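Tips 3, 4 and 6 above can also be checked automatically before a message reaches an inbox. The following is an added example, not part of the original post: it parses a raw email with Python's standard library and flags attachments from unknown senders, archive attachments, and ZIP content hiding behind another extension. The extension lists, addresses and sample messages are constructed assumptions.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

ARCHIVE_EXT = {".zip", ".rar", ".7z"}      # assumption: local policy list
OOXML_EXT = {".docx", ".xlsx", ".pptx"}    # legitimately ZIP containers
ZIP_MAGIC = b"PK\x03\x04"                  # ZIP local file header

def triage(raw, known_senders):
    """Return warnings for one raw message; an empty list means nothing flagged."""
    msg = message_from_bytes(raw, policy=policy.default)
    warnings = []
    from_hdr = msg["From"]
    sender = (from_hdr.addresses[0].addr_spec.lower()
              if from_hdr and from_hdr.addresses else "")
    unknown = sender not in known_senders
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        ext = os.path.splitext(name)[1].lower()
        data = part.get_payload(decode=True) or b""
        if unknown:   # tip 3: attachment from someone you do not know
            warnings.append(f"{name}: attachment from unknown sender {sender}")
        if ext in ARCHIVE_EXT:   # tips 4 and 6: confirm even with known senders
            warnings.append(f"{name}: archive attachment, confirm with sender")
        elif data.startswith(ZIP_MAGIC) and ext not in OOXML_EXT:
            warnings.append(f"{name}: ZIP content behind a {ext or 'missing'} extension")
    return warnings

def build_sample(sender, filename):
    """Constructed test message carrying a harmless in-memory ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "constructed sample, no real payload")
    msg = EmailMessage()
    msg["From"] = sender
    msg["To"] = "accounts@example.com"
    msg["Subject"] = "Invoice"
    msg.set_content("Please see attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()

if __name__ == "__main__":
    known = {"supplier@example.com"}
    for s, f in [("supplier@example.com", "invoice.zip"),
                 ("stranger@example.net", "invoice.pdf")]:
        print(s, f, triage(build_sample(s, f), known))
```

A flagged message is a prompt to phone the sender, as the tips describe, not proof that the attachment is malicious.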

Leet IT provides network and computer support in Newcastle and the Hunter Valley. If you require more information you can Contact Us.

Dealing with cryptolocker, Locky and other ransomware

The following is a short guide to help you understand and avoid ransomware, and to attempt to recover files that have been damaged by it. Variants of ransomware include Cryptolocker, Locky, Xorist, CryptorBit and Cryptodefence.

Ransomware viruses are used to extort money from a person or company by encrypting and locking all of your PC or network files. The malicious software then places internet links or text files on your PC with instructions on how to pay the ransom (most usually in the currency bitcoin). It is a nasty strain of virus and can make its way into your network by seemingly legitimate means.

How does Cryptolocker get into my network?

  • Emails from legitimate looking businesses containing attachments or links
  • Emails from known contacts that have been compromised by a virus
  • Downloaded from a malicious website
  • Security exploits and remote access via password spamming

By understanding the virus’s entry methods we can begin to formulate a prevention strategy.

  • Education is key. Let your staff, family and friends know about the dangers of Cryptolocker and what to avoid. This is the most important thing. Please refer to the PSA at the bottom of this post.
  • Quality passwords, especially on PCs and servers with remote access enabled. Use something with at least 7 characters, with uppercase, lowercase and symbols.
  • Constant rotating backups. Cryptolocker can damage your backups when they are connected to an infected server or PC. Multiple backups and offsite backups can make things much less stressful in the case of a ransomware attack.

“I don’t care about prevention.  I have been infected and I need a way to recover my files.”

OK. Prevention is great in hindsight, but if you have been infected you have a few options.

  • Recover from the most recent backup you have.

Fantastic plan if you have a recent backup. Recover and overwrite all of your encrypted files. You win, they lose. Not helpful at all if you don’t have a current backup.

  • Cut your losses and start from scratch.

Cryptolocker and other ransomware keys are amazingly complex, and only a couple of the many variants have ever been decoded. Since then, the encryption methods have become much more advanced and complicated to unlock. There may be a solution in the future, but it is highly likely that the files will never be decrypted.

  • Pay your ransom.

A lot of people ask whether they should consider paying their ransom. No one likes giving money to criminals, but if it is your only source of recovery and the alternative is losing every file you own, the method must be considered. Ransoms usually range between 500 US and 2000 US and are paid in the bitcoin currency. Even if you have decided to pay you still face a small ordeal consisting of the following.

Sometimes the latest antivirus and the best network hardware and security settings cannot help you. When you or an employee receives a legitimate-looking email from a legitimate email address, it is only education that can prevent Cryptolocker. Refer to our post How to protect your PC from ransomware.
