According to security researchers, you shouldn’t reboot your PC after getting infected by ransomware as it could make things worse for you and easier for the malware.
The experts suggest that instead of rebooting, ransomware victims should hibernate their PC, disconnect it from the network and seek out professionals who are equipped to handle the situation.
While powering down the computer is also a viable alternative, hibernating is better because it saves a copy of the memory. In case someone did a poor job while writing the ransomware, the malware might leave a copy of its encryption keys there.
The advice from experts comes after a recent survey of ransomware victims in the US, where nearly 30% of victims chose to reboot their PCs to deal with the ransomware attack.
However, modern ransomware versions that can encrypt files aren’t easy to deal with, hence rebooting should be avoided.
Why rebooting is a bad choice?
Usually, ransomware that can encrypt files is designed to crawl through attached, mapped, and mounted drives in a PC. But, sometimes, it is tripped or blocked by a permission issue, and the encryption stops.
In such fortunate circumstances where the machine is partially encrypted to do some error, victims should quickly take advantage of the situation and not allow the ransomware to take over completely.
However, if you reboot the PC, the ransomware will try to back up and finish what it started.
And this piece of advice is applicable to both enterprise and home users alike.