Ransomware is making the rounds again, affecting organizations like the video game company Capcom all the way to the Brazilian Superior Court of Justice. This is a threat that everybody needs to be on the look out for, from the individual to the government. So what should you do if you fall victim?

The moment you receive that ransom message, you will panic, your mind will be racing, and you won’t know what to do. The first thing you need to do is to take a step back and calm yourself down. You need to be collected to make rational decisions. There is only one choice to make, do you pay? Or do you not?

Before you can react, must first understand what you are being extorted for. What do they have on you? Is it just your local machine? Or is it your whole infrastructure? What type of Ransomware you are struck by will affect what you should do. The majority of attacks will encrypt your files, and then demand a ransom for the key to decrypt them. Some attacks will steal and encrypt your files. The idea is to have two ways to extort you. One ransom is to decrypt your files, and the other is to delete the files they have stolen from you. If you are affected by the latter attack, it must be noted that sometimes, your files will not be deleted even if your ransom is paid. After all, these are criminals.

 

Factors on whether or not to pay:

Are your files worth the amount being charged?

Make a list of everything you know that is on your computer. Your book draft, family photos and game saves may be important to you, but it is not the end of the world if they are lost. For important legal documents, passwords and other irreplaceable information, you may need to bite the bullet and pay the ransom.

What are your Company’s moral guidelines?

If the data encrypted pertains to your business, then this must be something you make public. Hiding this from your client base will lead to distrust if it is later revealed. Paying the ransom can be seen as unethical as you are giving money to a criminal organization. Sometimes you do not have a choice, but it is important to consider the optics of your actions.

When was your last backup?

If your last backup was yesterday, you would probably be safe in wiping you computer and reverting to your last backup.

 

Preventing this from happening again:

Regardless of your decisions, after this headache you definitely never want to experience this again, one of the best thing to prevent Ransomware attacks is to have automatic backups to an external disk. Your files cannot be extorted if you have them on a separate location. You can back up to the cloud, or to my personal recommendation of a personal external hard drive.