How to Protect Yourself Against Ransomware

Ransomware is a type of malicious software, also known as malware. It encrypts a victim’s data until the attacker is paid a predetermined ransom. In this article, we will talk about how to protect yourself against ransomware.

How does ransomware work?

Ransomware identifies the drives on an infected system and begins to encrypt the files within each drive. Ransomware generally adds an extension to the encrypted files, such as .aaa, .micro, .encrypted, .ttt, .xyz, .zzz, .locky, .crypt, .cryptolocker, .vault, or .petya, to show that the files have been encrypted—the file extension used is unique to the ransomware type.

Once the ransomware has completed file encryption, it creates and displays a file or files containing instructions on how the victim can pay the ransom. If the victim pays the ransom, the threat actor may provide a cryptographic key that the victim can use to unlock the files, making them accessible.

How is ransomware delivered?

Ransomware is commonly delivered through phishing emails or via “drive-by downloads.” Phishing emails often appear as though they have been sent from a legitimate organization or someone known to the victim and entice the user to click on a malicious link or open a malicious attachment. A “drive-by download” is a program that is automatically downloaded from the internet without the user’s consent or often without their knowledge. It is possible the malicious code may run after download, without user interaction. After the malicious code has been run, the computer becomes infected with ransomware...get more info at - CISA.

Create backups of your data

In the event that a hacker successfully hijacks your computer, you could rescue yourself with a backup of your data stored somewhere, like on a physical hard drive. That way, if a hacker locked down your computer, you could simply erase all the data from the machine and restore it from the backup.

In general, you should be creating a copy of your data in the first place, in case your computer fails or is lost. To be extra safe from hackers, after backing up your data onto an external drive, unplug the drive from the computer and put it away...to know more, visit - nytimes.

Keep your system up to date

If you are running Windows XP or Vista, you should immediately update your system to Windows 10 or buy a new computer. As we warned back in 2014, Microsoft is no longer supporting these ancient versions of Windows and continuing to use them makes you a prime target for cyber-attacks. And even an entry model $500 computer that will be far more powerful than your current XP one.

For those using Windows 7 and newer, make sure that you have Automatic Updates enabled so new security patches are installed as soon as they are available. These versions of Windows had already been patched by Microsoft to specifically prevent these types of ransomware attacks...get more info at - techlicious.

Scan And Filter Emails Before They Reach Your Users

The easiest way to stop staff clicking on a ransomware link in an email is for the email never to arrive in their inbox. This means using content scanning and email filtering, which ought to take care of many phishing and ransomware scams before they actually reach staff.

Think Very Long And Hard Before You Pay A Ransom

Ransomware crooks have found their way through your defences and now every PC across the business is encrypted. You could restore from backups, but it will take days and the criminals only want a few thousand dollars. Time to pay up?

For some, that may be the obvious conclusion. If the attackers only want a relatively small amount then it might, in the short term, make business sense to pay up because it means the business can be up and running again quickly. However there are reasons why you might not want to pay...visit - ZDNet to know more.

Threat intelligence

While most cybersecurity organizations continue to focus their gaze internally, the only way to move from reactive to proactive is through intelligence. Cybersecurity professionals who understand threat trends and the landscape, which includes adversaries, tactics, techniques, and procedures, are empowered to capitalize on such knowledge to prevent attacks.

Automation

Organizations are overrun with massive amounts of data, information, and intelligence. Considering the skills gap that is still challenging the industry, there is rarely enough time in the day to adequately address all critical or high-level security events, let alone the moderate and low risks. Only through automation, wherein machines capitalize on high-fidelity intelligence to take actions without human intervention, can cyber defenders have the time needed to focus on the biggest-impact security matters...this and more at - Dark Reading.

Final Words

Use these tips to keep your Company’s sensitive information safe and stop a ransomware attack before it starts. Use a good email security service that will keep you from clicking on a phishing link.