In my post last week, I talked about how ransomware works. If you want a deeper understanding, go read that post, but I’ll briefly recap how this type of malware works. First, it finds a vulnerability in your system. Maybe you clicked a link you shouldn’t have, or visited a questionable website. Once it’s in, it encrypts your files in such a way that they cannot be decrypted without a decryption key. Then, you are given a message informing you of what has happened and asking you to pay a ransom in order to get your files back. How does this happen? And what can you do to prepare?
The first thing that you need to know is that once the malware has taken root, it’s too late to do much. There is a small possibility that the particular piece of software on your machine has been written poorly and your files can be retrieved, but if the ransomware is sophisticated, there is no way to brute force your way back in (at least, not without much, much more computing power than we have available). However, it is a trivial task to remove the malware from your machine. This means that if your files are not in need of recovery, ransomware is only an annoyance. The machine can be wiped and reset, and all data put back onto it. However, this will not retrieve any files or data that are left on the machine. Therefore, if you store valuable data on the machine, it is absolutely critical that you back it up. Having frequent backups of your critical data means that you can wipe the computer and pull the stored data back onto it.
Backing up your data frequently is good for other reasons as well. Viruses are not the only reason that computers fail. Hard drives can fail, electrical surges can damage components, and even mechanical or chemical damage to the hardware can put your files out of your reach. Therefore, if you are dealing with valuable data, it should never, ever be stored in a single place. Rather, it should be kept in several safe locations that are not connected to each other. Backups will not be of any help if they fall victim to the same attack as your main machine. This is why, even if you have backups, it is important to hire a professional to ensure that you do not accidentally spread the malware before you bring files out of your backups.