Tuesday, April 21, 2015

How to Decrypt Ransomware Encrypted Data


  • Encryption Ransomware
It encrypts personal files and folders (documents, spreadsheets, pictures, and videos).

A ransomware attack is typically delivered via an e-mail attachment which could be an executable file, an archive or an image. Once the attachment is opened, the malware is released into the user’s system. Cybercriminals can also plant the malware on websites. When a user visits the site unknowingly, the malware is released into the system.
The infection is not immediately apparent to the user. The malware operates silently in the background until the system or data-locking mechanism is deployed. Then a dialogue box appears that tells the user the data has been locked and demands a ransom to unlock it again. By then it is too late to save the data through any security measures.
A repository of keys and applications is available for some of the variants (link below):

How to prevent a ransomware attack?

  1. Back-up! Back-up! Back-up! Have a recovery system in place so a ransomware infection can’t destroy your personal data forever. It’s best to create two back-up copies: one to be stored in the cloud (remember to use a service that makes an automatic backup of your files) and one to store physically (portable hard drive, thumb drive, extra laptop, etc.). Disconnect these from your computer when you are done. Your back-up copies will also come in handy should you accidentally delete a critical file or experience a hard drive failure.
  2. Use robust antivirus software to protect your system from ransomware. Do not switch off the ‘heuristic functions’ as these help the solution to catch samples of ransomware that have not yet been formally detected.
  3. Keep all the software on your computer up to date. When your operating system (OS) or applications release a new version, install it. And if the software offers the option of automatic updating, take it.
  4. Trust no one. Literally. Any account can be compromised and malicious links can be sent from the accounts of friends on social media, colleagues or an online gaming partner. Never open attachments in emails from someone you don’t know. Cybercriminals often distribute fake email messages that look very much like email notifications from an online store, a bank, the police, a court or a tax collection agency, luring recipients into clicking on a malicious link and releasing the malware into their system.
  5. Enable the ‘Show file extensions’ option in the Windows settings on your computer. This will make it much easier to spot potentially malicious files. Stay away from file extensions like ‘.exe’, ‘.vbs’ and ‘.scr’. Scammers can use several extensions to disguise a malicious file as a video, photo, or document (like hot-chics.avi.exe or doc.scr).
  6. If you discover a rogue or unknown process on your machine, disconnect it immediately from the internet or other network connections (such as home Wi-Fi) — this will prevent the infection from spreading.
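
As an added example (not part of the original post), the check from item 5 can be automated over a folder or a list of attachment names: flag the extensions the post warns about, and separately flag names that hide one behind a harmless-looking type. The decoy-extension list, the function names and the sample names other than the post's own two are assumptions made for illustration.

```python
import os
import re

# Extensions item 5 tells users to stay away from.
RISKY_EXTS = {".exe", ".vbs", ".scr"}
# Constructed list of harmless-looking types a lure may imitate (assumption).
DECOY_EXTS = {".avi", ".mp4", ".jpg", ".png", ".pdf", ".doc", ".docx", ".xls", ".txt"}


def classify(path):
    """Return 'disguised', 'executable' or 'ok' for a single file name."""
    # Take the last path component (either separator) and drop the trailing
    # dots and spaces that Windows ignores when resolving a name.
    name = re.split(r"[\\/]", path)[-1].rstrip(" .").lower()
    stem, ext = os.path.splitext(name)
    if ext not in RISKY_EXTS:
        return "ok"
    # Padding spaces before the real extension push it out of view in a dialog.
    stem = stem.rstrip()
    inner_ext = os.path.splitext(stem)[1]
    # "video.avi.exe" hides behind an inner extension; "doc.scr" uses the
    # decoy type as the whole base name.
    if inner_ext in DECOY_EXTS or "." + stem in DECOY_EXTS:
        return "disguised"
    return "executable"


def scan_names(names):
    """Return (name, verdict) pairs for every name that is not 'ok'."""
    findings = [(n, classify(n)) for n in names]
    return [(n, v) for n, v in findings if v != "ok"]


def scan_tree(root):
    """Walk a directory (e.g. a Downloads folder) and report risky files."""
    paths = (os.path.join(d, f) for d, _, files in os.walk(root) for f in files)
    return scan_names(paths)


# Constructed sample names; the first two are the examples from item 5.
SAMPLE = [
    "hot-chics.avi.exe",
    "doc.scr",
    "invoice.pdf            .exe",
    r"C:\Users\alice\Downloads\setup.exe",
    "report.docx",
    "holiday.photo.jpg",
]

if __name__ == "__main__":
    for name, verdict in scan_names(SAMPLE):
        print(f"{verdict:10} {name}")
```

A "disguised" verdict deserves more attention than a plain "executable" one, since a legitimate installer has no reason to carry a document or video extension in its name.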

Saturday, April 18, 2015

Components of System Center 2012 R2



Operations Manager

Operations Manager helps monitor services, devices, and operations for many computers in a single console. Operators can gain rapid insight into the state of the IT environment and the IT services running across different systems and workloads by using numerous views that show state, health, and performance information, as well as alerts generated for availability, performance, configuration and security situations.
  • Infrastructure and application monitoring and alerting
  • Microsoft and 3rd party workload monitoring
  • Cloud monitoring including Azure
  • System state, health, and performance information

Configuration Manager

Configuration Manager increases IT productivity and efficiency by reducing manual tasks and letting you focus on high-value projects, maximize hardware and software investments, and empower end-user productivity by providing the right software at the right time. Configuration Manager helps to deliver more effective IT services by enabling secure and scalable software deployment, compliance settings management, and comprehensive asset management of servers, desktops, laptops, and mobile devices.
  • Flexible OS deployment
  • Compliance and settings management
  • Asset intelligence and inventory
  • Application Delivery
  • Patch Management
  • Client health and monitoring
  • Device Management


Virtual Machine Manager

Virtual Machine Manager is a management solution for the virtualized datacenter, enabling you to configure and manage your virtualization host, networking, and storage resources in order to create and deploy virtual machines and services to private clouds that you have created.
  • VM and private cloud management
  • Storage and network management
  • Heterogeneous VM host support
  • Template driven workload deployment

Orchestrator

Orchestrator is a workflow management solution for the data center. Orchestrator enables you to automate the creation, monitoring, and deployment of resources in your environment.
  • Workflow automation
  • Visual Runbook authoring
  • Cross-platform workflow integration

Data Protection Manager

Data Protection Manager is an enterprise backup system. Using DPM you can back up (copy) data from a source location to a target secondary location. If original data is unavailable because of planned or unexpected issues, you can restore data from the secondary location. Using DPM you can back up application data from Microsoft servers and workloads, and file data from servers and client computers. You can create full backups, incremental backups, differential backups, and bare-metal backups to completely restore a system.
  • Centralized backup for VMs and applications
  • Item-level recovery for VMs
  • Archiving backup data to Azure

Service Manager

Service Manager provides an integrated platform for automating and adapting your organization’s IT service management best practices, such as those found in Microsoft Operations Framework (MOF) and Information Technology Infrastructure Library (ITIL). It provides built-in processes for incident and problem resolution, change control, and asset lifecycle management.
  • Service catalog
  • Self-service request portal
  • Release and SLA management
  • Data warehousing and reporting
  • Incident and change requests

App Controller

App Controller provides a common self-service experience that can help you easily configure, deploy, and manage virtual machines and services across private and public clouds.
  • Cross cloud provisioning
  • VM and application self-service

Endpoint Protection

Endpoint Protection provides an antimalware and security solution for the Microsoft platform.
  • Malware protection, identification, and remediation