{"id":14246,"date":"2018-02-22T15:00:37","date_gmt":"2018-02-22T20:00:37","guid":{"rendered":"https:\/\/www.sherweb.com\/blog\/?p=14246"},"modified":"2020-10-15T11:41:37","modified_gmt":"2020-10-15T15:41:37","slug":"recover-ransomware-attack-without-online-backup-active-protection","status":"publish","type":"post","link":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/","title":{"rendered":"How to recover from a ransomware attack without Acronis Online Backup Active Protection"},"content":{"rendered":"<p>In a <a href=\"https:\/\/www.sherweb.com\/blog\/fight-back-ransomware-online-backup-active-protection\/\" target=\"_blank\" rel=\"noopener noreferrer\">previous article<\/a> we explained how the Active Protection feature in <a href=\"https:\/\/www.sherweb.com\/security\/acronis\/\" target=\"_blank\" rel=\"noopener noreferrer\">Acronis Online Backup<\/a> stops a ransomware attack. Because the malicious process is rolled back immediately, your users suffer no downtime and will continue to work without even noticing what happened. <strong>But you can&#8217;t understand how innovative Online Backup Active Protection is if you don&#8217;t compare it to the usual process of recovering from a ransomware attack<\/strong>. In this article, we&#8217;ll show you the steps to follow to recover from a ransomware attack when you <strong>don&#8217;t<\/strong> have Online Backup Active Protection.<\/p>\n<p>&nbsp;<\/p>\n<h2>1. Disconnect the infected device from any and all networks right away<\/h2>\n<p>When <a href=\"https:\/\/www.sherweb.com\/blog\/security\/online-backup-protect-business-ransomware\/\" target=\"_blank\" rel=\"noopener noreferrer\">ransomware strikes<\/a>, this is the first step to take and it\u2019s also the most critical one. To prevent other computers from being infected through the network, make sure the infected PC or device is <strong>totally disconnected<\/strong>. 
No LAN, no Wi-Fi, no Bluetooth, no GPS. This is also relevant when the infected user is working remotely from a public or home network.<\/p>\n<p>&nbsp;<\/p>\n<h2>2. Unplug any USB, SD or external drive<\/h2>\n<p>You may still have a chance to keep data on external drives from being infected, so the earlier you disconnect them, the better. Put the USB, SD or external drive away, but <strong>do not connect it to another computer<\/strong> right away.<\/p>\n<p>&nbsp;<\/p>\n<h2>3. Collect information from the user<\/h2>\n<p>Most users will be <a href=\"https:\/\/www.sherweb.com\/blog\/security\/security-awareness-training-is-no-longer-optional\/\" target=\"_blank\" rel=\"noopener noreferrer\">scared and probably feel guilty<\/a> about what just happened on their computer. <strong>Make them feel comfortable<\/strong> when asking questions about what just happened. Let them know <strong>every detail is precious<\/strong> and can save the whole company.<\/p>\n<p>&nbsp;<\/p>\n<h2>4. Inform other users<\/h2>\n<p><strong>Act fast!<\/strong> If the infection started with a <a href=\"https:\/\/www.sherweb.com\/blog\/security\/online-backup-role-phishing-email-ransomware-paradigm\/\" target=\"_blank\" rel=\"noopener noreferrer\">phishing email<\/a>, other users in the company might have received the same type of message. So, it\u2019s important to immediately remind all your users to remain alert. <strong>Inform them by all possible means and make them aware of how they could be infected<\/strong>.<\/p>\n<p>&nbsp;<\/p>\n<h2>5. Investigate the infected computer and recover files<\/h2>\n<p>If the ransomware has not totally locked the user out of the computer, you can investigate further to identify the name of the ransomware.<\/p>\n<ol type=\"a\">\n<li>Because you never know how many malicious programs have been deployed on the computer with the attack and how many could still be dormant, <strong>execute a complete scan with your security tools<\/strong>. 
Again, do this on the isolated computer and do not reconnect it to the network.<\/li>\n<li><strong>Uninstall any suspicious applications<\/strong> you might find in the programs list, especially if they were installed at the time of the attack or a few hours before.<\/li>\n<li>Websites like <a class=\"outbound\" href=\"https:\/\/www.nomoreransom.org\/en\/decryption-tools.html\" target=\"_blank\" rel=\"noopener noreferrer\">NoMoreRansom.org<\/a>\u00a0now provide decryption tools that can help you recover files encrypted by ransomware. Download them from another computer and copy them to a dedicated USB, then install the decryption tools on the isolated infected computer. If you\u2019re able to recover the files, copy them to another external storage.<\/li>\n<li>Unless you feel comfortable following the previous steps, the wisest option is to <b>proceed with a re-installation\u00a0and a restore of the system and data files from a backup<\/b>. The files recovered with the decryption tools would be copied back to the reinstalled computer.<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<h2>Defend against ransomware with Acronis Online Backup<\/h2>\n<p>Recovering from a ransomware attack without paying cybercriminals is only possible with a proper backup and disaster recovery solution like <a href=\"https:\/\/www.sherweb.com\/blog\/security\/traditional-backup-not-enough-sherweb-with-acronis\/\" target=\"_blank\" rel=\"noopener noreferrer\">Acronis Online Backup<\/a>. The <a href=\"https:\/\/www.sherweb.com\/blog\/fight-back-ransomware-online-backup-active-protection\/\" target=\"_blank\" rel=\"noopener noreferrer\">Active Protection<\/a> feature makes it possible to halt a ransomware attack immediately, which your usual security tools will not do. When you <strong>don&#8217;t<\/strong> have Online Backup Active Protection enabled, you&#8217;re able to recover data, but the process can take hours. 
If you have several PCs infected, this can have a serious impact on your productivity and consequently, on your revenue.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>You can&#8217;t understand how innovative is Online Backup Active Protection if you don&#8217;t c","protected":false},"author":177,"featured_media":21979,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[753],"tags":[446,939],"class_list":["post-14246","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-disaster-recovery","tag-acronis-online-backup"],"yoast_head_json":{"title":"How to recover from a ransomware attack without Acronis Online Backup Active Protection | Sherweb","description":"It's possible to recover from a ransomware attack without using solutions such Acronis Online Backup Active Protection, but it can take time.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/","og_locale":"en_US","og_type":"article","og_title":"How to recover from a ransomware attack without Acronis Online Backup Active Protection | Sherweb","og_description":"It's possible to recover from a ransomware attack without using solutions such Acronis Online Backup Active Protection, but it can take time.","og_url":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/","og_site_name":"Sherweb","article_publisher":"https:\/\/www.facebook.com\/Sherweb","article_published_time":"2018-02-22T20:00:37+00:00","article_modified_time":"2020-10-15T15:41:37+00:00","og_image":[{"width":2400,"height":920,"url":"https:\/\/www.sherweb.com\/blog\/wp-content\/uploads\/RansomwareAttack-1200x480@2x.png","type":"image\/png"}],"author":"The Sherweb Team","twitter_card":"summary_large_image","twitter_creator":"@SherWeb","twitter_site":"@SherWeb","twitter_misc":{"Written by":"The Sherweb Team","Est. 
reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/#article","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/"},"author":{"name":"The Sherweb Team","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/42a19dccace310904575a5656cc20976"},"headline":"How to recover from a ransomware attack without Acronis Online Backup Active Protection","datePublished":"2018-02-22T20:00:37+00:00","dateModified":"2020-10-15T15:41:37+00:00","mainEntityOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/"},"wordCount":677,"commentCount":0,"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/RansomwareAttack-1200x480@2x.png","keywords":["Disaster Recovery","Acronis Online Backup"],"articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/","url":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/","name":"How to recover from a ransomware attack without Acronis Online Backup Active Protection | 
Sherweb","isPartOf":{"@id":"https:\/\/www.sherweb.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/#primaryimage"},"image":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/#primaryimage"},"thumbnailUrl":"\/blog\/wp-content\/uploads\/RansomwareAttack-1200x480@2x.png","datePublished":"2018-02-22T20:00:37+00:00","dateModified":"2020-10-15T15:41:37+00:00","author":{"@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/42a19dccace310904575a5656cc20976"},"description":"It's possible to recover from a ransomware attack without using solutions such Acronis Online Backup Active Protection, but it can take time.","breadcrumb":{"@id":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/#primaryimage","url":"\/blog\/wp-content\/uploads\/RansomwareAttack-1200x480@2x.png","contentUrl":"\/blog\/wp-content\/uploads\/RansomwareAttack-1200x480@2x.png","width":2400,"height":920},{"@type":"BreadcrumbList","@id":"https:\/\/www.sherweb.com\/blog\/security\/recover-ransomware-attack-without-online-backup-active-protection\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.sherweb.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.sherweb.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"How to recover from a ransomware attack without Acronis Online Backup Active 
Protection"}]},{"@type":"WebSite","@id":"https:\/\/www.sherweb.com\/blog\/#website","url":"https:\/\/www.sherweb.com\/blog\/","name":"Sherweb","description":"More than a cloud marketplace","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.sherweb.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.sherweb.com\/blog\/#\/schema\/person\/42a19dccace310904575a5656cc20976","name":"The Sherweb Team","url":"https:\/\/www.sherweb.com\/blog\/author\/the-sherweb-team\/"}]}},"tag_names":["Disaster Recovery","Acronis Online Backup"],"_links":{"self":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/14246","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/users\/177"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/comments?post=14246"}],"version-history":[{"count":6,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/14246\/revisions"}],"predecessor-version":[{"id":21981,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/posts\/14246\/revisions\/21981"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media\/21979"}],"wp:attachment":[{"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/media?parent=14246"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/categories?post=14246"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sherweb.com\/blog\/wp-json\/wp\/v2\/tags?post=14246"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}"
,"templated":true}]}}