My goal with this blog is to go beyond password management and cover other security and productivity topics of interest, especially topics of interest to small and medium sized businesses.
Along these lines, I've been doing some research on ransomware, especially Crowti (also known as Cryptowall).
Obviously the best scenario is never to be affected by ransomware at all.
FBI recommendations on preventing ransomware:
- Make sure you have updated antivirus software on your computer.
- Enable automated patches for your operating system and web browser.
- Have strong passwords, and don't use the same passwords for everything.
- Use a pop-up blocker.
- Only download software--especially free software--from sites you know and trust (malware can also come in downloadable games, file-sharing programs, and customized toolbars).
- Don't open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if you think it looks safe. Instead, close out the e-mail and go to the organization's website directly.
- Use the same precautions on your mobile phone as you would on your computer when using the Internet.
- To prevent the loss of essential files due to a ransomware infection, it's recommended that individuals and businesses always conduct regular system back-ups and store the backed-up data offline.
But what if you've already been victimized by ransomware?
Here are some worthwhile resources I've found:
http://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx
http://www.bleepingcomputer.com/virus-removal/
http://malwaretips.com/blogs/category/ransomware/
https://forums.malwarebytes.org/index.php?/forum/39-malware-removal-guides-and-self-help-guides/
You should contact your local FBI field office.
If you have a good recent backup of your computer, you can wipe the infected machine and then load the backup.
You can contact a reputable security professional to assist you.
In some cases, according to the FBI, the simplest path can be to pay the request, although other resources like Microsoft suggest not paying the demand.
Would be great to hear from you in comments if you've ever been a victim of ransomware and how you recovered.
