WannaCry is one of the most recent ransomware attacks to be released that sparked losses among hundreds who were not lucky enough to bypass the lock on their data implemented by the ransomware. Many computers were paralyzed, and this is believed to be one of the worst extortion schemes in history. As a result of the effects meted on different computers by this attack and many others, people have been looking for ways to prevent future attacks and few have given thought to the possibility they could also understand how to restore their lost data after a ransomware attack. Below are guidelines formulated to help you restore your data successfully after a ransomware attack without having to pay the extortionists.
Before addressing restoration options…
If your computer has not been attacked yet, you should strive to make it backup ransomware ready. You could achieve this in a number of ways as shown below.
- Image and file backup. There are many ways to backup your files including using Google Drive and Dropbox. Always ensure your sensitive data does not just rest in folders in your computer without considering a backup option that can be reached easily after a ransomware attack.
- Use the 3-2-1 backup. This is a backup strategy in which you are supposed to maintain three copies of the same data at different locations. This means if one copy is lost, you can safely fall back to the second.
- Test recovery procedures. It is also necessary to test recovery procedures so you are able to ascertain how long it takes to recover your data after a ransomware attack. This can also prepare you cost wise.
Data restoration on Windows 8 and 10
You could try to restore your data on a windows PC after a ransomware attack. For this, simply hold down the Shift key and hit the restart option. The PC will reboot on a special recovery menu. Different Windows iterations allow this procedure and one of the most common is to restore the entire PC to an earlier data, say a day before the ransomware attack happened. If you are on Windows 7, boot up your PC and keep hitting F8 until you see Advanced Boot Options. Click on Repair Your Computer then hit Enter. This opens the System Recovery Options window and from there you can select the restore option that will allow you to go back to an earlier date.
When few files are affected
Sometimes the ransomware hits the entire PC while in other cases it only encrypts specific files. If the latter is true, then you might not need to do the system restore option described above. One of the options you have that could help you restore your files without a hustle is the SpiderOak One point-in-time recovery feature. With the software, you specify at which point in time you would like to restore your backups. You could choose to restore the files as they were a few days before the ransomware attack hit. This method is ideal even when you want to restore huge files and folders.
Protection measures you should consider
Backup recovery is a good way to access your files after a ransomware attack, but this does not mean you should never consider protection measures that will keep away any such threats from occurring. To help you prevent ransomware from encrypting your data, here are few protection measures you might want to consider.
- Multi-layered security. No single security tool will guarantee to give you 100% protection. This is why you should consider using a multi-layered approach which includes antivirus, firewalls, and behavior-based malware detectors. If the malware passes one security check, it might be caught by another before it gets embedded in your computer.
- User training. You need to raise awareness among your teams so they understand how to detect phishing, malvertising, and social engineering attempts, which are the most common ways used by attackers.
- Install patches often. Keep your security software up to date.