Saturday, November 15, 2014

Ransomware, you may have heard of it. You hopefully haven't gotten it on your computer. If you have, you hopefully haven't had to pay to get your files unlocked!

I have had 4 cases this week so far, 2 personal laptops, and 2 computers at a company I contract with. The 2 personal laptops are the cases that are the hardest to deal with, because these are personal computers that got hit by some variant of Ransomware. Both are looking for $300 to be paid in order to get their files back.
Fortunately, on 1 of those I was able to get all of the files transferred off, since it was a variant that just locks up your computer and doesn't actually encrypt your files; the other was about half-way encrypted.

When you get Ransomware, the program starts to encrypt your files so that you cannot access them. If you can still open them, text documents show only meaningless garbage text and picture files show nothing.

One of the most important things you can do if you even think you have Ransomware on your computer is to shut it down immediately. Since encryption takes CPU power, the files won't get encrypted if your computer isn't running. The longer the system is up and running, the more files it will encrypt.

Sometimes, if the files are very important to you and you just cannot possibly lose them, you may have to pay the 'ransom' that is being asked. Why would I even say this? Because if you were to ignore the Ransomware for its preset amount of time, say 48 hours, and you left your computer on during this time, AND you don't have any backups, you may never get your data or pictures back.

The reason is that when files are encrypted and you don't know the password or private key to unlock them, it is almost impossible to decrypt them.

I should also warn you that there have been times where a person does go to pay the money, usually through a MoneyPak sold at Walmart, Kmart, Walgreens and the like, punching in the code of the card they just bought for, say, $300, and then supposedly gets the key to get their files back. I say "supposedly" because, after all, this is a scare tactic and a scam all mixed together in one.

I have also heard that authorities, once able to figure out where a specific server is that is targeting people and also holds the keys to get your files back, have shut it down to stop more and more scams. While this is obviously good to stop the criminals from continuing to do this, it means that your specific key to unlock your files has now been lost forever.

Can FM-IT Direct help you to save your files?

Yes, we can help you to save your files, but be aware that depending on how long your computer has had the Ransomware or what type it is, it can be very difficult or impossible to save anything. The first thing we will do is check the files on your hard drive to assess whether encryption has started and to see how much of it we can save.
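One way to do that first assessment, as an added example (this is not FM-IT Direct's own tool): a short Python script that walks a copy of the drive and sorts files into intact, suspect and unknown. The signature table, the text extensions and the 7.0 bits-per-byte cut-off are assumptions chosen for illustration.

```python
import math
import os
import sys
from collections import Counter

# Leading "magic" bytes a healthy file of each type starts with (small subset).
MAGIC = {
    ".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n", ".pdf": b"%PDF-",
    ".zip": b"PK\x03\x04", ".docx": b"PK\x03\x04", ".xlsx": b"PK\x03\x04",
}
TEXT_EXT = {".txt", ".csv", ".log"}
ENTROPY_LIMIT = 7.0  # bits per byte; assumed cut-off, plain text sits well below

def shannon_entropy(data):
    """Bits per byte: about 4-5 for English text, close to 8 for ciphertext."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())

def classify(path, sample_size=65536):
    """Return 'intact', 'suspect' or 'unknown' from the first bytes of one file."""
    ext = os.path.splitext(path)[1].lower()
    with open(path, "rb") as fh:
        head = fh.read(sample_size)
    if ext in MAGIC:
        # JPEG, PNG, ZIP etc. are compressed, so entropy cannot separate them
        # from ciphertext; the header signature can.
        return "intact" if head.startswith(MAGIC[ext]) else "suspect"
    if ext in TEXT_EXT:
        return "suspect" if shannon_entropy(head) > ENTROPY_LIMIT else "intact"
    return "unknown"

def triage(root):
    """Walk a copy of the drive, reading only, and group files by verdict."""
    report = {"intact": [], "suspect": [], "unknown": []}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            try:
                report[classify(path)].append(path)
            except OSError:
                report["unknown"].append(path)  # unreadable: needs a manual look
    return report

if __name__ == "__main__":
    for verdict, paths in triage(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(f"{verdict}: {len(paths)} file(s)")
```

A "suspect" verdict is a hint for a manual look, not proof, and the signature check only reads the start of each file. Run it against the drive attached to a clean machine, not from the infected system.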

Call me today @ 701-491-8750 or go to the Contact Page on the website to get in touch.

Thank you,

After the files are saved or encrypted...

Once the removal of the virus is complete, or the files have been safely moved off of the hard drive(s), you will want to have your operating system and drive wiped clean and re-installed. Even if you take the files off of your computer and you feel they are safe and you can now continue on, any new files you save to your computer will also be encrypted as long as the Ransomware is still on it.

Wiping the system and re-installing the operating system will ensure that the Ransomware and/or virus is gone from your computer.

Back up your files, back up your files

You've heard it before and you've meant to do it, but time just gets away from you. I've been there myself many times. When you back up your files, you also want to make sure that you have different backup versions or dates, known as versioning. This way, if you were to get Ransomware on your system, you could wipe it and then simply restore the files from a backup you made previously.