A couple of days ago, I mentioned Backblaze and their newsletter with an article about Tips for working remotely. That newsletter has a link to an older article that discusses how to prevent a ransomware attack and recover if you get one. It’s a fairly long article that covers a lot of ground.
Sadly, ransomware is a growth business. Between Q1 and Q3 of 2017, attacks grew from one every 2 minutes to 1 every 40 seconds. Thing haven’t gotten any better. Hardly a day goes by with a report of another attack and some hapless company or government entity trying, often times unsuccessfully, to recover.
Infections can be difficult for big organizations to prevent because every employee has to security aware and vigilant. The means of infection are mostly the usual vectors of phishing, corrupt Websites, and social media. There are some other methods mentioned in the article so be sure to take a look.
The best part of the article, I think, is their discussion of what to do when you get infected. That includes isolating any infected machines from the local network, of course, but also the best way to go about recovering.
Effective recovery assumes, of course, that you have a backup of your data. That could be local or, better yet, a cloud based backup service. After that, the most important step is to complete wipe your system and start from scratch. They even recommend formatting your disks. Otherwise, the infection could reestablish itself.
Needless to say, the article suggests Backblaze as the means of backing up your data. They, of course, have an ax grind but I don’t and as I said in my previous post I’m really happy with them. They have a history of your files going back 30 days (a year for $24/year more) so you can recover your files before they were encrypted even if some of the encrypted files were also backed up.
If you care about the data on your computer, ransomware is a terrifying threat but a decent backup can make recovery as pain free as possible.