What will happen if you suddenly got message “pay ransom to decrypt your files” ?
Ransomware infections are hitting the millions of computers, mobiles, IoT, etc. during past years and months with technology adopts. these attacks will encrypt your specific files in computer to specific file formats which are not able to read from any of current software in the world.
Is it only encrypting specific files?
No. ransomware can encrypt your whole computer, where you will be not able to load the Operating system itself.
How can we decrypt encrypted files?
currently infected users have three options.
- Pay the ransom and decrypt files – is this successful? unfortunately paying ransom will not ensure your files will be decrypted successfully even after paying ransom. attackers may go away with your money without decrypting your files. if you are lucky, attackers will decrypt and return your files back after payment.
- Restore from backups – are you ever done full backup for your computer or device? this option can work for users only who have good IT strategy with strong backup system.
- Forget everything and start everything from fresh – starting from fresh? No. That option will not be a easy option for 99% infected users because encrypted files may be most important files for business or personal matters.
So what can infected users do for this?
we have a 4th option now. You can try with Option 1 and 2. but before moving to 3rd option try to decrypt files with decryptors which are made by several security specialists.
Decryptors?
Yes. many security specialists has made many tools which can use to decrypt files which are encrypted by known ransomwares. this tools can save lots of money and time if the infected ransomware is known to researchers.
where can i get those decryptors?
infected users can get the tools from “Noransomware” tool collections which may hosted by specific security companies. for ex. Kaspersky Lab, Avast, AVG, etc. use below links to access collection of tools which are hosted by NoMoreRansom Org.
https://www.nomoreransom.org/decryption-tools.html
Are these decryptors 100% successfull?
According to researchers this tools can use to decrypt only known ransomware infections. but this tools are getting updates daily with new decrypting capabilities for newly found ransomware infections.
How to prevent affections of ransomware?
Keep in mind. ransomware are spreading to network 80% by user activities. if you found any computer infected with ransomware, isolate the host from network.
Always conscious the users to avoid unknown emails, unknown link clicks and unknown document openings with security alters such as MS Office excel macros unless it is authentic file for user.
Always keep data backups for important data in computer.
User strong security solution (firewall with sandbox) to scan network traffic for malicious and abnormal behaviors.
Take advice from good security solution integrator for secure the network.