Ransomware attack: 7 easy things to do after it took place

by | July 20, 2021 | How to

Have you fallen for a ransomware attack? Unfortunately, it can happen to anyone, so try to stay calm and follow some simple steps to maintain the security of your devices.

According to Wikipedia, Ransomware is a “type of malware from cryptovirology that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion.”

Ransomware attacks can be delivered through emails.
Ransomware attacks can be delivered through emails.

1. Make sure the ransomware attack is real

As ridiculous as it may seem, it may happen that you haven’t been infected yet and you’re just worried. When your computer shows a ransom message, the threat is more than obvious. In many cases, however, it may seem difficult to identify the attack.

Keep in mind that opening an infected email and reading it won’t affect your computer. However, downloading and opening attachments can put your computer at risk.

It’s important to train your staff who regularly receive external messages about the risks behind emails. Our Cyber Security Awareness Training program helps your employees to always be prepared for cyberattacks.

Only by taking cybersecurity seriously, you can be always prepared for all the online challenges that are just one click away from you.

2. Disconnect the affected device from the Internet

Did the worst thing happened and is your device the victim of a phishing attack? Then it’s essential to cut off the Internet connection. If you’re using a wireless connection, turn it off. If you’re using an Ethernet cable, unplug it asap.

Protect from phishing

3. Scan your computer for viruses

If you’re suspicious of a potential ransomware infection, it’s crucial to scan your computer for viruses. You should start a full system scan even if your computer is slower than usual or acting strangely. Use a virus scanner to identify the malicious files. For Windows, you can use the free antivirus Windows Defender, and for Mac, there is a free version of Malwarebytes. We recommend investing in advanced antivirus software from reputable brands like Bitdefender or Norton.

In case you don’t already have an antivirus on your computer, you can download it on another computer and install it from a USB stick. Make sure you format the USB drive in a secure environment, as the virus can quickly copy itself onto the drive.

4. Backup your data

Data backup can save you in case of a ransomware attack. Even if all your local files get encrypted, if they are backed up, they can be easily recovered. More advanced data backup services have malware/ransomware protection and file versioning so that even if infected files are backed up, the clean versions can easily be restored.

In most cases, recovery after a ransomware attack means reinstalling everything on the affected device(s). Therefore, you should copy your important documents if you don’t have a backup system installed. These documents should then be very carefully checked for viruses on an isolated computer. Be very careful, as they can be infected and carry the virus back to your computer after everything is cleaned.

5. Change your passwords

Once your computer is infected, the attackers can access most of the data on it and even install special software that records everything your type, called keyloggers. Even though ransomware attacks are usually only focused on getting a ransom for your data, it’s better to be safe than sorry and change all your passwords.

6. Alert the company or the person the email appeared to be from

A whole lot of people have been infected with ransomware through deceptive emails, with bad actors posing as reputable companies. To prevent other people from getting infected, you can alert about the ongoing cyberattack the person or company that is impersonated.

7. Evaluate the vulnerability of your business for future ransomware attacks

Is your business vulnerable to future ransomware attacks? A recent study shows that most companies are hit multiple times by ransomware and other cyberattacks. How can you prevent the same things from happening again? An important step towards protecting your business is training your employees.

ATTACK Simulator
The Security Awareness Company

The ATTACK Simulator team provides you with extremely useful tools that will help you be on top of things, regardless of the threats from online.

We don’t allow attackers to catch you off guard, which is why we have created an extremely useful educational platform, along with ransomware attack simulations, so that the security of your business becomes a reality.

Find out how vulnerable your employees are to ransomware and other cyberattacks by requesting a Free trial here.

by Doina Voicu

There’s no reason to postpone training your employees

Get a quote based on your organization’s needs and start building a strong cyber security infrastructure today.