Aftermath of a ransomware attack: getting back your files without paying a penny

Last week, I got two requests from security professionals working in enterprise environments, saying that their files were encrypted and that they had been told to pay in digital currency before access would be restored. So I decided to blog about some of my suggestions to them on how to resolve the incident:

  1. The first thing is to know the name of the ransomware, as this will significantly aid your search for a decryption key. For some, the name is obvious; for others, it needs to be worked out. One tool that will certainly let you know the name is id-ransomware.malwarehunterteam.com.

  2. There are so many decryption keys for various categories of ransomware that it gets difficult to keep track of which remain valid. The "No More Ransom" project streamlines this by letting you know the appropriate key to use for a particular ransomware attack. Visit nomoreransom.org/en/index.html for more details on how to use the platform to get suggestions on available decryption keys.

  3. The encryption algorithms used in ransomware attacks are often very complicated, and it is likely that the encryption cannot be reversed except by the creators. However, you may still be able to recover some of your files using the free Recuva tool, which looks for deleted files that have not yet been overwritten on disk. Visit ccleaner.com/recuva for how to use it.

  4. Luckily for us, the decryption algorithm for the dreadful WannaCry ransomware was made available to the public for free in 2020 by the "good guys". Visit blog.emsisoft.com/en/34156/emsisoft-release.. for how to use it.

  5. The IT departments of government agencies provide support on how to get back your files and track the ransomware creators. It might be a good idea to report to the relevant authorities. Unfortunately, I don't think there is any such agency in Nigeria, hence I didn't even suggest this last point to the victims.
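
For step 1, an added example (not from the original post): a read-only Python script that gathers the clues an identification service typically works from, namely the extension appended to encrypted files and the note file dropped in each folder. `KNOWN_EXTS`, `NOTE_EXTS` and the sample file names are assumptions constructed for illustration, and it only covers ransomware that appends an extension to the original file name.

```python
import os
from collections import Counter, defaultdict

# Assumed lists, constructed for illustration; extend for your environment.
KNOWN_EXTS = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".jpg", ".png", ".pptx"}
NOTE_EXTS = {".txt", ".html", ".htm", ".hta"}

def triage(root, min_dirs=2):
    """Walk root without opening or modifying any file.

    Returns (appended, notes):
      appended - Counter of extensions added after a known one,
                 e.g. report.docx.locked counts ".locked"
      notes    - text-like file names seen in at least min_dirs folders,
                 the usual pattern for a ransom note dropped per folder
    """
    appended = Counter()
    name_dirs = defaultdict(set)
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            stem, ext = os.path.splitext(name)
            inner = os.path.splitext(stem)[1].lower()
            if ext and inner in KNOWN_EXTS:
                appended[ext.lower()] += 1
            elif ext.lower() in NOTE_EXTS:
                name_dirs[name.lower()].add(dirpath)
    notes = sorted(n for n, d in name_dirs.items() if len(d) >= min_dirs)
    return appended, notes

def build_sample(root):
    """Constructed sample tree: two folders of renamed files plus a note."""
    for sub in ("finance", "hr"):
        folder = os.path.join(root, sub)
        os.makedirs(folder)
        for f in ("q1.xlsx.locked", "plan.docx.locked", "HOW_TO_DECRYPT.txt"):
            open(os.path.join(folder, f), "w").close()
    open(os.path.join(root, "finance", "untouched.pdf"), "w").close()

if __name__ == "__main__":
    import sys
    exts, notes = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    print("appended extensions:", exts.most_common(5))
    print("ransom note candidates:", notes)
```

Run it against a copy or a read-only mount of the affected share; the most common appended extension and the note file are what to have at hand when identifying the family.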