Ransomware

Data on the computer is encrypted and no longer available.

Encryption Trojans (also known as blackmail Trojans, extortion Trojans, encryption malware or ransomware) are a specific family of malware that encrypts files on a victim's computer and connected network drives, rendering them unusable by the victim. Ransomware attacks are steadily increasing. Common gateways for ransomware are poorly secured systems and emails containing attachments.

Encryption Trojans can cause considerable damage, especially if data backups are also affected. In the event of such an incident, remain calm and take a rational approach.

The main aim of a post-incident clean-up is to find the infection route in order to prevent a new infection. Reinstall the affected systems and restore data using existing backups. If the necessary expertise is not available in your company/authority, seek support from a specialised company.

Last modification 09.12.2021

Top of page

https://www.ncsc.admin.ch/content/ncsc/en/home/infos-fuer/infos-behoerden/aktuelle-bedrohungen/ransomware.html