Dealing with Ransomware


Ransomware is embarrassing when it pops up asking for money.
There are some solutions for this kind of problem:

1. Breaking the encryption of the ransomware is almost impossible, because normally it is built one-way, so even after the money is submitted they may not give you the key, because the key might not have existed from the beginning. If they built the ransomware upon open-source code, there might also be a solution available in public. If you have lots of resources and computing power, you could try brute-forcing the encryption, but this is not recommended.

2. The easiest solution is to make a backup; Windows Backup, for example, may help you restore files and folders encrypted by ransomware, so a good backup tool and plan should be considered.
(Make the backup in a location that the user account has no right to edit, such as one protected by a password lock.)

Google Drive, for example, keeps a change history, so when ransomware has encrypted your current files and folders you can use the change history to restore the version from right before the most recent change.

Additionally, you can use a virtual machine and create a save point each time you turn off your PC; you can then easily go back to the saved point when files get encrypted.

Save and restore is the simplest way to recover from any harm at the software level.

3. Anti-virus with the latest patches applied may also detect known ransomware, or software acting like ransomware, through behaviour-based detection.

For example, Solidcore can help you prevent unwanted behaviour from unauthorized software activity.

4. Use a limited user account, so that ransomware executed under the limited user account can only affect the resources that account is allowed to access.


Security is ensured by awareness of the threat as the starting point.

Ransomware principally changes existing files; therefore, if the right to change an existing file is withheld while create/read/delete rights are granted, the risk from ransomware may ultimately be removed.
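The two points above (behaviour-based detection in item 3, and the fact that ransomware works by overwriting existing files) can be combined into a simple detection heuristic. The following is an added example, not code from the original post: it scans constructed file-modification events and flags any process that overwrites many existing files with high-entropy (ciphertext-like) content inside a short time window. Process names, paths and thresholds are all assumptions chosen for the example.

```python
import math
from collections import defaultdict

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for ciphertext, roughly 4-5 for text."""
    if not data:
        return 0.0
    n = len(data)
    counts = defaultdict(int)
    for b in data:
        counts[b] += 1
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def suspicious_processes(events, window=60, min_modified=5, entropy_threshold=7.0):
    """Return {process: count} for every process that overwrote at least
    `min_modified` existing files with high-entropy content within any
    `window`-second span. Events are (ts, process, action, path, new_content)."""
    per_proc = defaultdict(list)
    for ts, proc, action, _path, content in events:
        if action == "modify" and shannon_entropy(content) >= entropy_threshold:
            per_proc[proc].append(ts)
    flagged = {}
    for proc, times in per_proc.items():
        times.sort()
        start = 0
        for end, ts in enumerate(times):
            while ts - times[start] > window:   # slide the window forward
                start += 1
            if end - start + 1 >= min_modified:
                flagged[proc] = max(flagged.get(proc, 0), end - start + 1)
    return flagged

# Constructed sample data (not real telemetry): ordinary document edits,
# one legitimate archive write, then a burst of ciphertext-like overwrites.
TEXT = b"Quarterly report: revenue grew 4% while costs stayed flat.\n" * 8

def ciphertext_like(seed: int) -> bytes:
    # A permutation of all 256 byte values has entropy exactly 8.0,
    # which stands in for encrypted output without using any cipher.
    return bytes((i * (2 * seed + 1)) % 256 for i in range(256))

SAMPLE_EVENTS = [
    (0, "winword.exe", "modify", r"C:\Users\a\Docs\q1.docx", TEXT),
    (5, "winword.exe", "modify", r"C:\Users\a\Docs\q2.docx", TEXT),
    (9, "7z.exe", "modify", r"C:\Users\a\backup.7z", ciphertext_like(1)),
] + [
    (20 + i * 3, "unknown_svc.exe", "modify", rf"C:\Users\a\Docs\f{i}.xlsx", ciphertext_like(i + 2))
    for i in range(6)
]

if __name__ == "__main__":
    print(suspicious_processes(SAMPLE_EVENTS))   # {'unknown_svc.exe': 6}
```

A single high-entropy write (the archive tool) stays below the threshold, which is what keeps this heuristic from flagging compression or legitimate encryption tools on every run.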

Notable Ransomware:
- Reveton, 2012: spread based on the Citadel trojan; creates the illusion that the computer is being tracked by law enforcement and charges a fine.

- CryptoLocker, 2013: uses a 2048-bit RSA key and encrypts by file extension; the key size increases after the deadline passes, which makes repair extremely difficult.

- CryptoLocker.F and TorrentLocker, 2014: targeted a broadcasting corporation in Australia under the name CryptoLocker or CryptoWall; spread via email attachments or by visiting their website; an estimated 9,000 users were infected.

- CryptoWall, 2014: targeted Windows; redirected victims to rogue websites that use browser plugin exploits to download the payload; encrypts files and file names.

- KeRanger, 2016: targeted OS X; uses a 2048-bit RSA key; a copy of Linux's Linux.Encoder.1.

- RSA4096, 2015: encrypts computers and connected devices; almost unbreakable; the private key is only available via Bitcoin payment.

Mitigation
1. Stop the malicious software loaded in memory
2. Restore from backup

Tips
Files stored in a DB are safe against ransomware
Restoring from backup is a simple and fast repair against ransomware
Kaspersky Anti-Virus or Bitdefender Anti-Virus is recommended against ransomware (as those two are ranked top in the world)

Conclusion
There are lots of tools against ransomware, and restoration from a backup is easy, because "Know the enemy and know yourself; in a hundred battles you will never be in peril."

