Ransomware – Cryptowall 2.0 Help!

Ransomware demandWe’ve seen a few more cases of the Cryptowall 2.0 ransomware this week and thought it best to advise people on how to prevent and deal with ransomware if infected.  Ransomware is a type of malware which restricts access to the computer system that it infects, and demands a ransom be paid to the creator(s) of the malware in order for the restriction to be removed.  The most common form of ransomware at the moment, encrypts all personal documents including images, videos, word, excel documents etc on the computer, plugged in USB devices and network shares.  It then demands a ransom to decrypt these files.

How to avoid ransomware:

  • Ensure your operating system and security software are regularly updated.
  • Don’t open attachments from unknown sources or from emails that appear to be from a legitimate source but are suspicious.
  • Regularly back up important data and keep it on removable storage.
  • Ensure staff are educated in good computing practices and how to spot threats.
  • Block unnecessary email attachments.

What to do if you have become infected:

  • Shut your computer down straight away and disconnect all USB devices and network cables.
  • Call your IT support and tell them what has happened.
  • Don’t use the USB devices in any other computers.

If you’ve been infected we can help, the first thing to do is look for your most recent backup as this is the best way to recover your files.  Failing that we can try to use shadow volume copies or even specialist file recovery software.  We don’t recommend paying the ransom as you have no guarantee’s and you will only be funding the criminals behaviour, but if all else fails and you need the documents back we can advise you on how to do it.

If you’re worried your computers maybe at risk get in touch, we’ll be happy to help.