51ÂÜÀò

Skip to main content

Don't Pay the Ransom

August 16, 2019


A padlock with a skull-and-crossbones appears on a computer display.


Ransomware is a type of malicious software that encrypts your files so that you can’t open them without a decryption key. The attackers then claim that the only way to decrypt and gain access to the files is by paying a "ransom" fee. If you pay, the attackers might provide the decryption key allowing you to regain access to your files.

Watch this short video to learn how ransomware works:



How Infection Works

Ransomware usually comes in an email message with malicious attachments or links to malicious websites. It's also possible to get an infection through instant messaging or texts with malicious links. Ransomware can spread to any shared networks or drives to which your devices are connected. Once infected, the ransomware will begin to lock down files and display a ransom message.


A screenshot of the WannaCry ransomware message.


How to Protect Yourself

  • Back up your data regularly. Once a ransomware infection occurs, it's often too late to recover the encrypted information. A safe backup is the only way to recover encrypted files after a ransomware attack.
  • Beware of phishy email messages with attachments or links. Ransomware can also appear in a pop-up window telling you that your computer is infected and asking you to click for a free scan. Also, beware of malvertising, malicious advertising on an otherwise legitimate website. Antivirus might not detect a malicious attachment, so it's important for you to be vigilant.
  • Keep your computer (and mobile devices) up to date with software updates. If you're prompted by your computer or mobile device to accept updates, install them right away.
  • Keep your antivirus software up to date and functioning. IT manages this for 51ÂÜÀò-owned devices.


How to Handle an Infection

  • Isolate or shut down the infected computer as soon as possible to prevent ransomware from attacking network or shared drives:
    • Turn off WiFi.
    • Unplug from the network.
  • Don’t pay the ransom. The attackers might not give you the decryption key, and even if they do, they might have left a backdoor to re-encrypt your files in the future. Additionally, paying the ransom will only feed the ransomware industry, encouraging more attacks.
  • Report the ransomware attack to the IT Helpdesk immediately.


Further Reading

  • Read the New York Times article "."
  • Naked Security by Sophos offers .
  • Explore Trend Micro's "," which includes a rescue plan infographic and a five-minute video.
  • Europol's European Cybercrime Center provides .
  • Learn more about the  in this MalwareBytes infographic.

Online Security graphic courtesy of stockio.com.