Discover ransomware with PowerShell

Oct. 8, 2017 0 comments ADMIN Magazine Encryption & Authentication powershell security

Backups are not a panacea for all ransomware infections. If a backup overwrites your original files with ransomware encrypted data, your files are gone. Admittedly, this only applies to trivial backup strategies, which you might find in small business environments or in freelancer operations. In mid-sized companies and enterprise environments, this may be not so tragic at first glance, because your archives have backups for the past few weeks. However, even this is not guaranteed. If the data are outdated, the backups are not much use after a restore. In simple scenarios, the data are only saved to a USB hard drive or online storage, and there is typically only one backup set. An even greater danger is overwriting usable backup data with ransomeware encrypted data. This is especially true if the ransomware does not change the file extensions, which happens in some cases. Of course, there is no alternative to the backup and restore protection concept. Basic Protection Measures A reli...

http://www.admin-magazine.com/Archive/2016/36/Discover-ransomware-with-PowerShell/(tagID)/2