Ransomware is as intimidating as it sounds. It is a malware (malicious software) created to take the control of a computer system until a sum of money is paid. Sadly, ransomware is becoming an increasingly popular way for malware authors to extort money from companies and consumers alike. There is a variety of ransomware can get onto a person’s machine, but as always, those techniques either boil down to social engineering tactics or using software vulnerabilities to silently install on a victim’s machine. Although it is not 100% preventable, there are multiple ways to minimize your chances of being attacked and protect your company’s data in the event that this does happen to you.
5 ways to prevent ransomware
Back up your data.
The single biggest thing that will defeat ransomware is having a regularly updated backup. If you are attacked with ransomware you may lose that document you started earlier this morning, but if you can restore your system to an earlier snapshot or clean up your machine and restore your other lost documents from backup, you can rest easy. Remember that Cryptolocker will also encrypt files on drives that are mapped. This includes any external drives such as a USB thumb drive, as well as any network or cloud file stores that you have assigned a drive letter. So, what you need is a regular backup regimen, to an external drive or backup service, one that is not assigned a drive letter or is disconnected when it is not doing backup.
Patch and/or update your software regularly.
Malware authors frequently rely on people running outdated software with known vulnerabilities, which they can exploit to silently get onto your system. It can significantly decrease the potential for ransomware-pain if you make a practice of updating your software often. Some vendors release security updates on a regular basis (Microsoft and Adobe both use the second Tuesday of the month), but there are often “out-of-band” or unscheduled updates in case of emergency. Enable automatic updates if you can, or go directly to the software vendor’s website, as malware authors like to disguise their creations as software update notifications too.
Refrain from opening attachments that are suspicious.
Not only does this apply to messages sent by unfamiliar people but also to senders who you believe are your acquaintances. Phishing emails may masquerade as notifications from a delivery service, an e-commerce resource, a law enforcement agency, or a banking institution.
Think twice before clicking. Dangerous hyperlinks can be received via social networks or instant messengers, and the senders are likely to be people you trust, including your friends or colleagues.
Always have antivirus, antimalware and firewalls installed.
It is always a good idea to have both anti-malware software and a software firewall to help you identify threats or suspicious behavior. Malware authors frequently send out new variants, to try to avoid detection, so this is why it is important to have both layers of protection. Make sure they on and properly configured.
Educate yourself and users
Users are your last line of defense in the battle against ransomware. Ransomware wouldn’t be successful if it were not for unsuspecting users downloading and executing a piece of malware (e.g. opening an e-mail attachment, clicking on a malicious link, etc.)
Educating users on what is good practice and how to spot threats will reduce the chance of them falling victim to a social engineering attack. Some things to emphasize would be:
- Do not open e-mail attachments from senders you do not know
- Do not click on links in e-mails from senders you do not know
- Check for misspelled domains in e-mails (e.g. rncom instead of microsoft.com)
- Check for bad spelling and incorrect formatting in the e-mail subject and/or body
- Report any suspicious files or e-mails to the IT Help Desk or Information Security team