Ransomware is a type of malware attack which prevents an organization from accessing their own data or system until a ransom (Money) is paid and displays a message requesting payment to unlock it. This particular program, named WannaCry, asks you about $300, however the price increases over time.
Types of Ransomware: There are two types of Ransomware which are mentioned below.
Crypto Ransomware: It encodes the data of a system and doesn’t target the device itself. The info can’t be accessed until it is unencrypted. It changes the files on your system so you can’t open them.
Locker Ransomware: It locks the system without encrypting data and the system devices are rendered non-operational. It shows a message that prevents you from accessing the system or files. It says you need to pay ransom (money) to get access to your system again.
Ransomware attacks are on the rise and have expanded in 2016. According to CNN, the digital extortion of Ransomware was over $200 million and is likely to grow to $1 billion by the end of 2016.
Ransomware can do:
- Stop certain apps from running (like web browser)
- Prevent you from accessing Windows
- Encrypt files so you cannot use them
- Back up your data in some storage device
- Use robust antivirus software
- Keep your software on your system up to date
- Trust no one, literally
- Enable ‘Show file extensions’ option in the Windows settings on the system
- If you discover any unknown process on your system, then disconnect it from the internet or other network connections (prevent the infection from spreading)
- Use System Restore to get back to a known-clean state
- Use a reputable security suite
- Patch or Update your software
- Don’t visit shady websites
- Avoid public Wi-Fi and other non-secured networks
- Disable RDP (Remote Desktop Protocol)
- Use the Cryptolocker Prevention Kit
- Disable files running from AppData / LocalAppData folders
- Filter EXEs in email
- Show hidden file-extensions
- Set the BIOS clock back
- Do not install programs and apps from unknown sources
- Verify and research before downloading or making use of services
What do I do if my system is infected with WannaCry Ransomware?
If your system is infected with WannaCry Ransomware or any type of Ransomware, then follow below-mentioned steps:
1: Disconnect All Network Connections on Your System: Turn off your network connections until everything is cleared as it will ensure that malware doesn’t spread through the system.
2: Change the Password:
Using different device change the account password and log then out as it will control the damage brought on by Ransomware attack.
3: Inform the Authorities: Once you caught in this, then inform to your local authorities. Let them know about the attack from where you got the malware. It will help authorities in their investigation. Government authorities also have a wider reach to broadcast important info.
4.Inform your Friends and Family: Tell the people who are close to you that you are a victim of a Ransomware attack will keep them alert. Tell them not to open any email attachments from you as the malware could have accessed the mail client and sent a malicious file through email.
5: Contact IT Support and Antivirus Provider: Inform IT or antivirus provider as they may know any ideas on how to help and to recover files from your system. Be as detailed as possible when communicating info to them.
6: Never Negotiate with the Hackers: This is one of the important points you should remember that paying the hackers would only reward them for their acts. Also, it is not necessary that you will get back the files. The main things for these attackers is money. The moment they get that no one is paying them for their hard work then they will voluntarily quit.