7 steps: what to do after a ransomware attack?

ransomware attack NZ

With more and more people all over the world infected by ransomware and New Zealand can expect more ransomware attack. So, it’s important to know how to deal with it. Finding the right approach to deal with ransomware attacks is very important since you can end up losing important personal/business data. It’s imperative to avoid that as much as you can!

What is ransomware?

Ransomware is a type of malicious software that infects your computer and locks certain files, then asks you to pay if you want them unlocked. Ransomware has been extremely problematic to people from all over the world in the past decade, and it continues to do a lot of harm. You can get ransomware from downloading infected files, among others. 

How to prevent a ransomware attack?

  • Make sure that you never click on strange links if you don’t trust them 
  • Avoid opening unknown email attachments 
  • You should always download only from websites that you trust 
  • Never share your data unless you trust the person or business 
  • Stay away from using any unknown USB drive, some of them might have ransomware 
  • Always keep your operating system up to date 
  • Create a backup of your data 
  • Use Antivirus software.

Step 1: Don’t pay the ransom

If you have ransomware already on your computer, then the best thing you can do is to avoid paying the ransom. This will only encourage ransomware creators to continue doing this type of attacks. Plus, even if the ransom is paid, no one guarantees that you will gain access to your locked files. That’s why it’s important to not fall into the hacker’s trap and pay for the unlock. You never really know who you are paying or whether they will unlock your files.

Step 2: Turn off all the devices and disconnect them from the network

As soon as you identify any type of ransomware, the best thing you can do here is to turn off all the devices. Then you want to disconnect them from the network, to ensure that the ransomware is not spreading to every device you own. You might be able to recover files from the infected computer eventually, but the last thing you want is for every device you own to get infected.

Step 3: Find the source

If you want to figure out how ransomware entered your computer, you need to find the source. Track the emails you opened recently or the files you downloaded. Usually, these are the regular entry points for ransomware in your system, and that’s the thing that you want to figure out right from the start. Once you know how ransomware entered your computer, it’s a lot easier to remove the file and rely on anti-ransomware tools to delete the infected file. That’s why it’s important to have a backup for every file, as you can easily delete any infected files, remove any ransomware and bring back the backed up file.

Step 4: Report to Authorities

Once you have an idea where the ransomware comes from, it’s very important to report it to the authorities. This way you can support and also coordinate any counter-attack measures. The more people report any ransomware attacks, the better it is. This way the authorities will be able to find those culprits faster, you will regain control over your files and there won’t be any more attacks. But you need to coordinate with professionals and ensure that they use their resources to apprehend the culprits!

You can find further information about how to report ransomware attacks at https://www.cert.govt.nz/individuals/explore/ransomware/?topic=ransomware

Step 5: Alert all of your users

Talk with your users and people you share the network with. Let them know that your computer has ransomware and it might spread via the network. By doing that, you prevent constant ransomware exposure, and you limit the infection only to your computer.

Step 6: Restore from a backup/ reinstall your OS

Now that you know you have ransomware on the computer, how do you get rid of it? Assuming that you already have an external backup, you need to delete the locked files and use an anti-ransomware tool to scan for any remaining signs of ransomware. If there are none, then you can restore from the backup and continue your work. It’s also a good idea to reinstall the operating system. This way you can restore any backup without having to worry that there are still any signs of malware.

Step 7: Talk to your local IT support person

Talking with an IT professional is extremely important, as he will be able to tell you what’s happening, what you can do and what solutions work in a situation like this. A dedicated IT support professional will immediately identify the source of your ransomware infection and then remove everything on its own. It’s the best way to deal with ransomware nowadays, and all you have to do is to figure out the best solution as fast as possible. It will be well worth the effort.


In the end, it’s a good idea to ask for help if you don’t know how to deal with ransomware. Even if you follow these tips and remove ransomware on your own, it’s still a good idea to work with an IT expert in Christchurch, New Zealand. Ransomware can be tricky to remove, and it can infect a lot of files, so having someone that knows the right ransomware removal steps is going to help quite a lot!

If you need help with ransomware removal in Christchurch, check out IT Fixed. Of course if you enjoy this post, leave a comment and tell your friends about it. Thanks for reading.

Hi, I’m Vijay. I love helping people with their computer problems. Are you frustrated by unsolved computer problems? Get your computer sorted today!

Pin It on Pinterest