Software viruses remain one of the leading threats to both businesses and individuals. Dealing with the consequences of any malware attack is an enormous challenge and even more so in the event of a ransomware attack, as the latter is often impossible to resolve.
What is ransomware?
Ransomware is a type of malware or malicious software that manifests as either locker ransomware or crypto ransomware. The former encrypts the whole hard drive of the computer and locks the user out of his or her entire system. Crypto ransomware only encrypts specific files, usually the most important files, where after it either presents the user with an ultimatum to pay a fee (the ransom) to claim back the data or lose the data indefinitely. “Ransomware attacks are indiscriminate in who they target, affecting businesses and individuals alike”, says Robert Brown, CEO of DRS, ” as long as the ransom is paid, the cyber criminals don’t care who is affected.”
Consider paying the ransom?
According to Vikram Thakur, technical director of Symantec “the odds of getting back your files decrypted is very small. … It’s better to save money and rebuild the affected computers.” Matthew Hickey, director of Hacker House, agrees and warns owners of affected computers who are tempted to pay the ransom that effecting payment will not automatically release your computer or decrypt your files as “you’re really at the mercy of the human operator. Someone at the other end of the connection”. He confirms that he has not heard of any cases where paying the ransom resulted in the successful release of any affected machines. For example, FedEx neither adequately protected themselves (and as a result fell victim to ransomware) nor paid the hackers and ended up spending $300 million on downtime and rebuilding their system.
How is ransomware distributed?
Ransomware can typically be found in phishing emails or is distributed via exploit kits. Phishing emails usually contain malicious attachments that include the ransomware or it could present itself in the form of a link directing you to a compromised website that hosts the malware. Exploit kits are malicious tools that cybercriminals use to scan for vulnerabilities in browser-based applications and, once found, the attacker can deliver the ransomware to the computer.
To illustrate the sheer magnitude of the problem, according to SonicWall, there have been 181.5 million ransomware attacks during the first six months of 2018. ITWeb fears that this was only the first wave and predicts an exponential increase in ransomware attacks in 2019. This should be all the motivation you need to ensure you are protected against malware.
Here we have five best practices to guard against ransomware:
1. Backup your data
Backing up your data is the single most effective way to defend against a ransomware (or any malware) attack. The premise of a ransomware attack is that it renders your files inaccessible until payment is received. If you have backup copies of your data, you can simply restore the files either on a new computer or on the current computer once the infection has been cleaned up. Companies should, however, ensure that their backups are stored offline where attacker cannot access or delete them.
2. Keep (security) software and operating system up to date
New forms of ransomware appear regularly. To assist in protecting against them, it is important that you always keep your security software updated. Software updates often include patches for new security vulnerabilities that ransomware attackers can exploit. Finally configure Windows to show file extensions.
3. Filter web traffic and email
Email is one of the main methods through which ransomware are executed. Be vigilant when opening emails containing links and/or attachments. You need to be absolutely sure that the email is genuine or originating from the source it purports to originate from; if not, do not enable macros and immediately delete the email.
4. Use a VPN to encrypt communication
Hackers can manipulate a public Wi-Fi router to intercept traffic and to introduce ransomware viruses. A VPN – virtual private network – creates a safe data tunnel between your computer and the internet. It relies on a complex method of encryption making it both anonymous and reliable. Should hackers manage to infiltrate your local network; a VPN will safeguard you from ransomware, as outsiders cannot decrypt your data.
5. Educate your employees
Your employees are, unfortunately, still the weakest link in any security strategy. Educating your employees on cyber security including how to avoid malware infections and ransomware attacks could prevent attacks before they happen. Train your employees to report anything unusual to your IT security team, to update their passwords regularly and to be mindful of the websites and services they access.