What to do if you receive ransomware messages?
Symantec Malaysia Systems Engineering director David Rajoo shared that once the encryption process starts, there is little the user can do, as it happens very quickly.
He noted that it is unlikely that the user will notice the ransomware is encrypting until it’s too late. But, if by a slim chance, the user realises in the seconds after running the malware, they may attempt to power off the machine, then use an external boot disk to boot the machine and run a cleaner tool. This may prevent the ransomware from encrypting all the files.
“Any computer that has been infected should not be trusted. It is always best to restore the computer either from a backup, or reset to factory using a recovery disk and then immediately update and apply all patches.
“These are important steps, as we have seen ransomware, that not just ransoms the users’ files, but also installs banking Trojans to clean out the users’ bank accounts, typically capturing the users’ banking details when they log into their bank to pay the ransom. If the back-ups were not encrypted by the ransomware, it is unlikely that the files were infected,” he added.
Most importantly, those affected should never give in to these threat by paying the ransom stated, IT experts have warned. In doing so, users will only fuel the growth of this senseless crime.
“Paying criminals is never recommended, as it feeds them and rewards them for their crimes. There is also no guarantee that your files will be released back to you,” Symantec Malaysia stressed.