How to Prevent Ransomware Attacks and What To Do Once Infected

By C. de Lacy / 2017.05.14

After the recent news about cyber ransomware attacks despite the never-ending push for improvement of people's security online, it is hard to feel safe nowadays. However, such attacks similar to the recent WannaCry ransomware can be prevented and fixed with the following steps.

Update Operating System

The reason behind getting infected by viruses, spyware and worse, ransomware, wildly varies, but preventing them mostly involves a few rules of thumb. The first thing to make sure of is ensuring that the operating system, the user is running is always updated as much as possible, especially the Windows operating system as it is the most common target of such attacks. Anything beyond Windows XP should still be supported by Microsoft at this point and a couple of minutes of updating goes a long way.

Backup Files Regularly

The next important step is by backing up highly important files and if possible, with external storage. Viruses and spyware almost work the same way sometimes by infecting local files, but recent ransomware like WannaCry encrypts files, which almost makes recovery almost impossible unless the owner of the infected file succumbs to paying the “ransom.”

Doing this may fix the issue, though there's no telling where the files will be decrypted or if in case, they do, the assurance of the same thing not happening again is not at a 100 percent probability. This is also similar to consenting the cyber criminals that what they are doing is working.

Backing up files regularly and keeping them safe from such situation assures that some recovery is viable in the case of infected original files cannot be undone. The recovery, however, should be done once the infection is completely removed in order to not let the malicious program spread to the backup storage.

If All Else Fails

Avoiding suspicious emails and clicking shady links are already a given in order to prevent such infections, but there are times where all these steps may not be enough or that things could get out of hand due to a different person's unawareness. If the above steps are done properly, paying the ransom should be the last thing to consider and a complete reinstalling or reformatting of the computer must be done.

This is, of course, if the infection only affected a single computer. Network infection is a bigger problem, hence it could push users into doing the entire reinstallation of the operating system per machine. Suites like Malwarebytes are highly recommended options, though their effectiveness varies on how heavy, the infection is and even more so with awfully good file encryption algorithm. The best solution to this problem still heavily lies on preparedness, which should be always done with or without the risk of infection.

Real Time Analytics