GHARIB Posted March 3, 2022 Share Posted March 3, 2022 (edited) I use to deal with ransomwares in companies/industry, and I would like to give you some advices.  A ransomware is used to infect as many computers/systems as possible, exploiting some vulnerability in common softwares (for example Windows OS 🙄 ). It encrypts the data with a unique key , only known by the attacker, and asks the victim to pay , usualy through a "timeframe window" displayed on the victim's screen. [-> We all of us know this!]  Example of what it looks like (here screenshot of WannaCry)    Keys to stay safe : An up-to-date antivirus, always keep updated your softwares (OS especially) , always check if a link is suspicous, or where you are downloading from your files, delete all suspicious email (or forward it to the "blue team" / IT service if it is at work).   IMPORTANT (my advices) : 1 - If you are infected by a ransomware, DO NOT pay the ransom. Please first, call the local authorithy, and then a professional IT specialized in analysis/recovery. 2 - Disable your router / unplug your device, because it will certainly propagating itself throught your network! So contain it by unpluging your network! 3 - ALWAYS have a backup of your important DATA . Opt for a backup policy before the incident!  Forensic analysis , mainly through sandoxes , allows a blue team to understand the behaviour of the malware (network behaviour - IP/Domains contacted / registry keys created, all exctrations indicators...)   If you know what you do, it exists lot of free tools allowing to decrypt most of ransomwares: https://www.avast.com/fr-fr/ransomware-decryption-tools https://noransom.kaspersky.com/ https://www.mcafee.com/enterprise/fr-fr/downloads/free-tools/ransomware-decryption.html  If you don't know what you do, once again, call a professionnal!  Stay safe IRL and in your "digital life" 💪     Edited March 3, 2022 by GHARIB 2 2 2 Quote Link to comment Share on other sites More sharing options...
TBAR Flash Posted March 3, 2022 Share Posted March 3, 2022 And: Always have an external daily backup from your system and your datafiles! Disconnect the external backup-harddrive (usualy usb) after every backup. Use 2 external backup solutions! Â 1 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.