Ransomware or WannaCry is a type of malicious software designed to block access to a computer system until a sum of money is paid. In last few year you can heard news about ransomware virus which locked the computer and files encrypted by malicious programs designed to extort money from users.
In above example you can see the demo that how it look. In this virus you can easily see the two timer first one is for payment raised and second one is for lost the file and demand to $500 of Bitcoin on given Bitcoin address to user. Timer force user to pay their demand on time.
Yes exactly that is insane but that virus had reports of 2,500 cases of ransomware costing victims $24 million in the US alone.
How can you prevent your system from Ransomware virus?
You should be ensure that your antivirus is up to date across all endpoints within the business. Keep in mind, AV is based on signatures so new variants may and will slip through the cracks, but this could easily be a first line of defense.
2Security awareness and educate your staff
You should start campaigns that stress the avoidance of clicking on links and attachments in email. Make sure all your users understand the dangers of ransomware and how to recognize phishing attempts.
I literally ask myself these questions when receiving an email message with a link or an attached file:
- Do I know the sender?
- Do I really need to open that file or go to that link?
- Did I really order something from FedEx??
Phishing is a common entrance vector for ransomware and because most end users never think twice, it’s extremely successful.
3Regular Backups and Maintenance
Make frequent backups of every device on your network. Don’t rely on users to remember to do this—make it automatic. There are a ton of options here, from backing up to cloud providers to local storage devices or even network attached drives, but each comes with a certain level of risk.
It commonly exploited third party software such as Java, Flash, and Adobe will undoubtedly prevent many of these types of attacks from even being successful in the first place.
5Limit User Permissions
I know this is of course a highly political and even cultural request to make, however reducing privileges will reduce the attack surface significantly. End users shouldn’t be downloading and installing games anyway, right?
That five golden point by which you can be prevent your computer with Ransomware or WannaCry virus. But what if you windows already victim of that type of virus.
How to Remove Ransomware or WannaCry virus?
If the ransomware prevents you from entering Windows or running programs, as lock-screen viruses typically do, you can try to use System Restore to roll Windows back in time. Doing so doesn’t affect your personal files, but it does return system files and programs to the state they were in at a certain time.
To start the restoration process using System Restore, follow these steps depending on your OS version:
- Shut down your PC and locate the F8 key on your PC’s keyboard.
- Turn the PC on, and as soon as you see anything on the screen, press the F8 key repeatedly. This action should bring up the Advanced Boot Options menu.
- Select Repair Your Computer and press Enter.
- You’ll likely have to log on as a user. Select your Windows account name and enter your password. (If you don’t have a password set, leave that blank.)
- Once logged on, click System Restore.
7Windows 8, 8.1, or 10
- If your PC boots to the Windows login screen, hold the Shift key, click the power icon, and select Restart.
- It should reboot to the recovery screens.
- Select Troubleshoot > Advanced Options > System Restore.
If you can’t get into the recovery screens, you can use the Windows installation media (disc or USB drive) for your particular version/edition to access the recovery tools. You’d boot up to that install media, but click Repair your computer on the main menu before proceeding with the installation. Alternatively, you can create a Windows System Repair Disc on another PC running the same Windows version, and then boot to that disc on the infected PC to reach the same recovery tools. We’ve previously discussed this process for Windows 7, Windows 8, and Windows 10.
Recovering hidden and encrypted files
With that out of the way, it’s time to repair the damage. If you’re lucky, your PC was infected by malware that didn’t encrypt your data. If it appears you’re missing stuff though, the malware may have merely hid your icons, shortcuts, and files. It usually does this by making the files “hidden.” Here’s how to check, depending on your OS version:
- Open Computer.
- Press the Alt key and select Tools.
- Click Folder Options and select the View tab.
- Select Show hidden files, folders, and drives, and then click OK.
9Windows 8, 8.1, and 10
- Open a File Explorer window.
- Select the View tab on the top pane.
- Check Hidden items.
If your data reappears after you elect to show hidden files, that’s great—it means there’s an easy fix for your woes. Open Computer or File Explorer, navigate to C:\Users\, and open the folder of your Windows account name. Then right-click each folder that’s hidden, open Properties, uncheck the Hidden attribute, and click OK. Boom! Done.
In case you are looking for a tool to prevent and remove ransomware, you can use this software : http://www.newsoftwares.net/