How data backups protect you from ransomware

Most instances of ransomware target small businesses but many target home users too. We all have credit cards, bank accounts, retail accounts and data we would rather not share. All of this is prime fodder for ransomware. Yet, with a backup, the threat of having all your data deleted is made worthless.

All of us here at Dave’s Computers in New Jersey reserve a special place in the underworld for those who write and spread ransomware. Of all the things humans do to other humans online, this is one of the worst.

What is ransomware?

Ransomware is exactly what its name suggests. It is malware delivered onto a computer through phishing, infected ads and the usual ways. Rather than copy your data and send it to a server somewhere, it encrypts it on your hard drive. All of your data is secretly encrypted in the background with you even knowing.

Then, once everything has been encrypted, the ransomware will show an alert telling you what has been done. It will provide a cryptocurrency address where you have to send a specified amount within a given time. In return, the hacker will provide a decryption key to release your data.

It’s a particularly evil attack that uses psychology against you. There is a ticking clock counting down, there may be a snapshot of your hard drive showing you exactly what you could lose and there is usually some kind of threat to delete all your data if you don’t pay up.

How does a backup protect from ransomware?

If ransomware makes it onto your computer past your antivirus and malware scanner, it is able to secretly encrypt your data without letting you know until it’s too late. However, if you have a backup of your data, the threats are worthless.

The main threat of ransomware is the loss of all your important files. If you have them backed up and that backup is recent, there is no threat as you can recover them from backup. No need for data recovery, no need to pay the ransom and no need to be threatened on your own computer.

The steps to take would be:

  1. Check your backup from a separate computer to make sure it’s intact and has everything. Do not check from your infected computer in case your backup becomes infected too.
  2. Wipe your infected computer using your OS installation disc.
  3. Use DBAN or other secure drive wiper to make sure all traces of the ransomware has been overwritten.
  4. Reload your operating system using your installation media.
  5. Download a copy of your backup to restore everything to how it was.
  6. Upgrade or change your antivirus and malware scanner so it doesn’t happen again.

While ransomware is very clever at finding its way onto a computer, most competent antivirus or security programs should pick it up as soon as it activates. If yours didn’t, it is worth changing it for a better one.

If you need professional data recovery or help removing ransomware from your device, Dave’s Computers in New Jersey can help.