Usually when we talk about encryptor ransomware, we recommend that victims do not pay the ransom. To begin with, paying encourages malware creators to continue their operations. It’s simple supply and demand: more people pay, increasing the market volume, leading to the creation of more malware — and more trouble for all.
Also, paying the ransom doesn’t ensure the safe and reliable return of files. Think about it for a minute: These people are criminals who have already fooled you, infecting your computer with very dangerous malware and stealing your files. What are the chances that they are going to be honorable after getting paid?
Does that sound pessimistic? Perhaps, but our recent research bears it out. One out of three victims pays the ransom criminals demand for returning files. But a solid 20% of the people who paid never got their files back.
Andrei Mochola, head of consumer business at Kaspersky Lab, commented: “We urge all ransomware victims, whether large organizations or single individuals, not to pay the ransom demanded by criminals. If you do, you will be supporting the cybercriminals’ businesses. And, as our study shows, there is no guarantee that paying the ransom will actually give you access to your encrypted data.”
Here is what you should do to protect your files from ransomware or recover them in case you’re already infected.
— Kaspersky Lab (@kaspersky) November 30, 2015
1. Back up your precious data regularly.
2. Use a reliable security solution. It doesn’t have to be a Kaspersky Lab product, though modesty aside, we can assure you we’re good at this.
3. If you are using one of our security solutions, make sure you didn’t switch off System Watcher. This proactive security feature is of great help protecting you from the latest species of malware, and it is especially effective in fighting ransomware. Here’s a video about System Watcher and how it works:
4. If you were unlucky enough to fall victim to an encryptor, don’t panic. Use a clean system to check our No More Ransom site; we probably have a decryption tool that can help you get your files back. We won’t charge you a penny for that.