Ransomware is malicious software that cybercriminals use to hold your computer or computer files for ransom, demanding payment from you to get them back. Sadly, ransomware is becoming an increasingly popular way for malware authors to extort money from companies and consumers alike.
There is a variety of ransomware can get onto a person’s machine, but as always, those techniques either boil down to social engineering tactics or using software vulnerabilities to silently install on a victim’s machine.
On the one hand, ransomware can be very scary – the encrypted files can essentially be considered damaged beyond repair. But if you have properly prepared your system, it is really nothing more than a nuisance. Here are a few tips that will help you keep ransomware from wrecking your day:
Following are the tips to protect your computer or your precious data from the Ransomware.
1. First and foremost, be sure to backup your most important files on a regular basis.
Ideally, backup activity should be diversified, so that the failure of any single point won’t lead to the irreversible loss of data. Store one copy in the cloud, resorting to services like Dropbox, and the other on offline physical media, such as a portable HDD.
An efficient tactic is to toggle data access privileges and set read/write permissions so that the files cannot be modified or erased. An additional tip is to check the integrity of your backup copies once in a while.
2. Personalize your anti-spam settings the right way.
Most ransomware variants are known to be spreading via eye-catching emails that contain contagious attachments. It’s a great idea to configure your webmail server to block dubious attachments with extensions like .exe, .vbs, or .scr.
3. Refrain from opening attachments that look suspicious.
Not only does this apply to messages sent by unfamiliar people but also to senders who you believe are your acquaintances. Phishing emails may masquerade as notifications from a delivery service, an e-commerce resource, a law enforcement agency, or a banking institution.
4. Think twice before clicking.
Dangerous hyperlinks can be received via social networks or instant messengers, and the senders are likely to be people you trust, including your friends or colleagues. For this attack to be deployed, cybercriminals compromise their accounts and submit bad links to as many people as possible.
5. Don’t use unsupported Operating System’s of Windows like Windows XP.
Yes, This is a most important you need to do right now if you are using Windows XP. Since, Microsoft officially ended support for Windows XP in way back in April 2014. Microsoft won’t release any updates or patches for the OS. Experts rightly said that the best protection against the so-called ransomware was to patch everything, as soon as possible. But for Windows XP and other expired operating systems, the patches weren’t there in the first place. So, you need to immidiately update/change your Operating System from Windows XP to any officially supported OS like Windows 7, 8 or 10.
6. The Show File Extensions feature can thwart ransomware plagues, as well.
This is a native Windows functionality that allows you to easily tell what types of files are being opened, so that you can keep clear of potentially harmful files. The fraudsters may also utilize a confusing technique where one file can be assigned a couple of extensions.
For instance, an executable may look like an image file and have a .gif extension. Files can also look like they have two extensions – e.g., cute-dog.avi.exe or table.xlsx.scr – so be sure to pay attention to tricks of this sort. A standalone known attack vector is through malicious macros enabled in Microsoft Word documents.
7. Patch and keep your operating system, antivirus, browsers, Adobe Flash Player, Java, and other software up-to-date.
This habit can prevent compromises via exploit kits.
8. In the event a suspicious process is spotted on your computer, instantly turn off the Internet connection.
This is particularly efficient on an early stage of the attack because the ransomware won’t get the chance to establish a connection with its Command and Control server and thus cannot complete the encryption routine.
9. Think of disabling vssaexe.
This functionality built into Windows to administer Volume Shadow Copy Service is normally a handy tool that can be used for restoring previous versions of arbitrary files. In the framework of rapidly evolving file-encrypting malware, though, vssadmin.exe has turned into a problem rather than a favorable service.
If it is disabled on a computer at the time of a compromise, ransomware will fail to use it for obliterating the shadow volume snapshots. This means you can use VSS to restore the blatantly encrypted files afterwards.
10. Keep the Windows Firewall turned on and properly configured at all times.
11. Enhance your protection more by setting up additional Firewall protection.
There are security suites out there that accommodate several Firewalls in their feature set, which can become a great addition to the stock defense against a trespass.
12. Adjust your security software to scan compressed or archived files, if this feature is available.
13. Disabling Windows Script Host could be an efficient preventive measure, as well.
14. Consider disabling Windows PowerShell, which is a task automation framework.
Keep it enabled only if absolutely necessary.
15. Enhance the security of your Microsoft Office components (Word, Excel, PowerPoint, Access, etc.).
In particular, disable macros and ActiveX. Additionally, blocking external content is a dependable technique to keep malicious code from being executed on the PC.
16. Install a browser add-on to block popups as they can also pose an entry point for ransom Trojan attacks.
17. Use strong passwords that cannot be brute-forced by remote criminals.
Set unique passwords for different accounts to reduce the potential risk.
18. Deactivate AutoPlay.
This way, harmful processes won’t be automatically launched from external media, such as USB memory sticks or other drives.
19. Make sure you disable file sharing.
This way, if you happen to get hit, the ransomware infection will stay isolated to your machine only.
20. Think of disabling remote services.
Otherwise, the threat could rapidly propagate across the enterprise network, thus calling forth serious security issues for the business environment if your computer is a part it.
For example, the Remote Desktop Protocol can be leveraged by the black hat hackers to expand the attack surface.
21. Switch off unused wireless connections, such as Bluetooth or infrared ports.
There are cases when Bluetooth get exploited for stealthily compromising the machine.
22. Define Software Restriction Policies that keep executable files from running when they are in specific locations in the system.
The directories most heavily used for hosting malicious processes include ProgramData, AppData, Temp and Windows\SysWow.
23. Block known-malicious IP addresses.
Tor (The Onion Router) gateways are the primary means for ransomware threats to communicate with their C&C servers. Therefore, blocking those may impede the critical malicious processes from getting through.
Since ransomware is definitely today’s number one cyber peril due to the damage it causes and the prevalence factor, the countermeasures above are a must. Otherwise, your most important files could be completely lost.
The key recommendation, though, is the one about backups – offline or in the cloud. In this scenario, the recovery consists of removing the ransom Trojan and transferring data from the backup storage.
Currently, dealing with the consequences of ransomware isn’t very promising from the file decryption perspective. That is why thwarting the virus attack can save you a pretty penny and guarantee peace of mind.
Finally, it should be noted that the recent rash of ransomware attacks has generated a lot of breathless news coverage, mainly because it is a departure from previous trends in financially motivated malware (which tended to be stealthy and thus not data-damaging). Ransomware can certainly be frightening, but there are many benign problems that can cause just as much destruction. That is why it has always been, and always will be, best practice to protect yourself against data loss with regular backups. That way, no matter what happens, you will be able to restart your digital life quickly. It is my hope that if anything good can come out of this ransomware trend, it is an understanding of an importance of performing regular, frequent backups to protect our valuable data.