Paul Ducklin on ransomware options

These days, I don’t think you can have too many articles about what to do when you’re hit with ransomware, especially articles written by someone as knowledgeable as Paul Ducklin.

Got ransomware? What are your options?

He includes sections on:

  • Shortcuts to recovery
  • Longcuts to recovery
  • Cracking the encryption

And those cover most of the recovery options, which is what most people will probably want to know. Unfortunately, those options aren’t always there, hence the downbeat tone of the ‘What to do’ section:

What we are saying is that if you really need your files back, and you haven’t taken any precautions such as backing up, then you don’t really have any choice but to pay.

We’d rather you didn’t pay up, but if you do, we understand and respect your choice. (It’s easy to be high and mighty when it’s not your data on the line!)

I’m afraid I’m totally in agreement with that. However, he does follow up with a list of ‘useful ransomware precautions’, and we can never make too many of those recommendations either. This is certainly a case where prevention is a much better option than cure. In brief, his recommendations include, if I can summarize:

  • Good backup strategy
  • Disable macros
  • Consider viewer apps
  • Distrust attachments
  • Don’t routine run with admin privileges
  • ‘Patch early, patch often’

David Harley

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.