Backups

What is ransomware Ransomware is a type of malicious software that locks access to user files until a ransom is paid. Quite common “locking mechanism” is by encrypting all files on a user computer, server or even the entire network. Encryption is a process of scrambling original data using an encryption key. The same key is then required to decrypt scrambled data back to its original format. Without the original key, the data becomes unusable. All files on our computer, server or even entire network become a pile of garbage. The only way to decrypt that garbage is to obtain the original encryption key by paying a ransom. Paying ransom is never a good idea. It encourages attackers to carry on the attacks. We also never know if we are going to get the keys or if the decryption works at all. How does ransomware spread Similarly to any other computer virus, ransomware will spread through phishing emails, infected websites and physical media such as USB drivers. If your computer gets infected it may spread to all network resources that your account has access to. I’m going to ignore any SMB (Windows File Share) vulnerabilities that would allow unauthorised access