What do you do if you’re the victim of a ransomware attack?
Published Tuesday, December 17, 2019 6:55PM PST Last Updated Tuesday, December 17, 2019 7:39PM PST
VANCOUVER -- The data breach of LifeLabs may have you wondering what you would do if you were the victim of a ransomware attack.
First, don’t panic. Is it an actual attack or just a threat demanding you pay up or personal information will be released?
Those come in emails and may actually contain personal information like a password you use. They claim to have control of your computer but the information could have been obtained from previous data breaches. Run a complete virus scan of your computer for malware—if there's none, ignore the email and delete it.
A real ransomware attack locks your computer and data by encrypting it. However, many attacks are poorly coded and master keys have been leaked. Try an online de-cryptor tool to unlock it. Malwarebytes has made some available and you can find others online, just be sure it’s a reputable site. If that doesn't work—it's a personal decision to pay but some experts say don't— there's no guarantee your data will be released.
"I've not seen evidence that these ransomware authors are going out and stealing data off the machines for the most part, they're encrypting as many machines as they can and just extorting the owners for bitcoin,” said Robert Capps, VP of Market Innovation for Nudata Security.
"A sophisticated attacker if they have control of your machine using malicious software could theoretically, modify data, download data as well as delete and encrypt. If they have access and control they can do anything they want. I've not seen evidence of that in large scale," he said.
To prevent ransomware attacks
- Don't click on suspicious links
- Run updated anti-virus programs
- Keep operating software updated
- Regularly back up data to an external hard drive and keep it offline