When Ransomware Attacks: Recovering Encrypted Data

Tuesday, 4 January 2022 by Ontrack Team


When it comes to data loss scenarios, it’s no secret that ransomware attacks can cause quite the stir. With victims that range from extensive government agencies to unsuspecting individuals browsing the internet, ransomware can wreak havoc that not only harms your digital device, but your bank account as well.

What Is Ransomware?

Ransomware is a category of malware that encrypts both data files and the systems they operate on in a manner that renders them useless until a ransom is paid for decryption. In many instances, when ransomware attacks occur, malicious actors may also delete critical system backups and resort to various pressure tactics to persuade victims to pay the demanded ransom.

Is Your Device at Risk for a Ransomware Attack?

The truth of the matter is that all devices are susceptible to ransomware incidents. Servers, SANs, NASs, desktops, laptops, mobile devices, IOT devices (including TVs, cameras, smart appliances, wearable devices, and thermostats), and Edge devices may all be targeted by malicious actors when planning ransomware attacks.

Preventative Measures Against Ransomware Attacks

Given the complexity of ransomware recovery, it is important to try to reduce the opportunity for an attack wherever possible. Thankfully, there are a few critical steps that can be taken to do just that.

  • Back Up Data

    Always make sure that backup copies of critical data are available via external hard drive or in the cloud so that they can be recovered in the event of ransomware attacks. Secure backups are an effective way of protecting data and preventing the temptation to pay a ransom to malicious actors.

  • Use Precaution on the Internet

    Malware authors depend on a lack of awareness when creating ransomware variants. Therefore, it’s imperative to be as careful as possible when using the internet. Never respond to unsolicited texts or emails from unfamiliar sources and avoid clicking suspicious links even if messages are sent from organizations or individuals you may know. It is also important to avoid using public Wi-Fi when connecting to the internet, as networks that aren’t secure allow easier access for cybercriminal activity.

  • Keep Software Updated

    Another measure of defense against ransomware attacks is updated software. Keeping all your device’s security software consistently updated is key, as it helps to alleviates any flaws or patches that may present themselves as gateways for cybercriminal activity.


Ontrack’s Top Ransomware Recovery Tips


When it comes to ransomware attacks, Ontrack’s data recovery experts recommend three must-have tips to keep in mind:

  1. Have A Plan
    Malware authors would prefer to catch ransomware victims panicked and off guard, leading them to engage in mistakes (such as trying to negotiate) which will inevitably make matters worse. Having a plan of action, including reporting the attack to the proper authorities, evaluating the damage, tracking the path of the attack, and determining your backup options, are key in recovering data that has been encrypted during a ransomware incident.

  2. Stick To the Plan
    In the event that you or your organization falls victim to a ransomware attack, it’s important to stick to the plan of action that has been created. Oftentimes, panic causes victims to change course, however, following the steps of your pre-determined plan and reaching out to a ransomware recovery professional as early as possible can make a world of difference in the effectiveness of data recovery.

  3. Avoid DIY Attempts
    Ontrack’s experts caution against DIY attempts to recover data in any scenario, however, attempting to decrypt affected data in ransomware incidents is particularly harmful and could even lead to escalated ransom attempts. Leave the data recovery to the professionals.

According to Cybersecurity Ventures predictions, a new business will fall victim to ransomware every 11 seconds this year alone. Even organizations such as schools and hospitals have seen a rise in threats recently. While ransomware data recovery can be complex, Ontrack’s engineers provide the best possible solution for success. Our investment in the development of specialized software allows us to recover data from ransomware-encrypted systems, virtual machines, backup files, tapes, and other storage media.

Should you find your organization facing a ransomware attack, don’t hesitate to contact the experts at Ontrack to help successfully recover your data.