The same thing you would do if the hard drive just died. Paying the ransom does not ensure you will get the key.
Many modern ransomware attacks are present in a network for an extended period prior to execution. This ensures that even the backups have a copy of the ransomware tucked away somewhere. If you don’t have regular backups, there’s really nothing you can do outside of paying the ransom.
If you have any server operating systems in your environment, follow published hardening guides, and use the built-in backup utilities (Rsync for Linux, Windows Backup for Windows). Windows Desktops can use Folder History, System Restore, or even wbadmin if they’re stored on replicated network storage. Otherwise, the workstations are likely unrecoverable.
The most you can hope for is to store the infected disks away in a locked cabinet on the off chance that the criminal ring is caught and the decryption key is published.
bfl
Did you do a complete drive back up, or at least company (versus system) files?
Do you have a restore disk for your operating system?
Where are the back ups located?
My company is attacked by cryptolocker all the time. We’re an enterprise with 2000+ PC’s though. We fortunately have daily commvault backups and snapshots taken multiple times a day. We can quickly restore the network file locations from earlier backups. We end up just re-imaging the actual PC though to get rid of it.
Get malwarebytes for the next time.
They say they can stop ransomware.
https://www.malwarebytes.com/premium
“Four layers of malware-crushing tech. Smarter detection. Specialized ransomware protection”.
Hoepfully, you backed up all your files somewhere, so that you can presumably either format your hard drive or replace it, then load the unencrypted files back onto it.