What to do when you know your computer is infected with ransomware

Anyone is at risk of being attacked by hackers. Even the most careful, most security-conscious people will have moments of neglect or mistakenly click on a link containing malicious code.

According to recent research, the number of ransomware attacks has doubled in 2020. Even in 2021, an estimated ransomware attack occurs every 11 seconds.

No one wants their computer infected with ransomware. However, if you accidentally get infected, what should you do? Here are 5 important things you need to do as soon as you are infected with ransomware to minimize the damage to yourself and your family, work or business.

1. Isolate and shut down infected computers máy

The first thing you need to do is quickly isolate the ransomware infected computer from the home, work or business network and power it off. The faster you act, the lower the risk of ransomware infiltrating your organization's databases and the smaller the number of infected computers.

Usually, agencies and businesses will disconnect from the internet and shut down their entire systems when infected with ransomware because this is the most effective method of preventing ransomware from spreading.

2. Implement contingency plans to ensure work progress

When infected with ransomware your work and work, business will come to a halt without an alternative. Therefore, you and the agencies and businesses need to have backup plans ready to be able to ensure that all jobs, business plans and customer service are not affected.

3. Report to law enforcement agencies

Many agencies and businesses are not willing to report cyber attacks or ransomware to law enforcement for fear of exposing sensitive data. However, this reporting is necessary and it also helps law enforcement quickly find the culprit, preventing further attacks.

In some countries, law enforcement allows businesses to report data attacks within 72 hours.

4. Restore the system from backups

The best data protection measure is backup. However, for global businesses, data recovery can be time-consuming due to the large volume of data that needs to be restored.

This shows the need for the first action because the earlier a ransomware infection is detected and prevented, the fewer computers and data need to be restored.

5. Fix, patch and monitor và

In this final step, businesses need to overcome the consequences of ransomware. Then, agencies and businesses need to coordinate with parties to find out the security holes that hackers exploit. If the vulnerability is not patched, agencies and businesses will face the risk of continuous ransomware attacks even if they have fixed or paid data ransom.

Agencies and businesses need to strengthen supervision of activities in their networks. Other security measures also need to be applied and in addition to raising the security consciousness of employees.

Isabella Humphrey

Update 23 June 2021