The Rise of Ransomware and 10 Easy Steps to Protect Your System and Workplace
Recently, the profile of ransomware attacks has continued to grow with new variants hitting the internet user and business community with rude shock causing disruptions to the operations of businesses, schools, government institutions and individuals – in most cases wiping out important documents and family memories. Ransomware is a type of malicious software that blocks access to data or threatens to publish it until a ransom is paid. Ransomware attack has continued to wreak havoc globally.
The recent attack affected thousands of organizations in 150 countries including fortune 500 companies like FedEx, universities and government institutions – the NHS being the most recent experience. The method of attack is deadly and involves cyber criminals taking control of your computer, locking it down or encrypting sensitive files and requesting a ransom to decrypt and release the data from the victim. If victim refuse to pay the ransom, the attackers withhold the data and it is lost forever.
Now that you understand what is ransomware attack, let me highlight few recommended precautions you can use to protect your system and eliminate the risk of becoming a victim. It’s simple, cost effective and proactive.
1. Maintain Regular Backup
It’s unwise to run your business without a backup; this could lead to costly business disruptions and downtime. Maintaining up to date backup is essential for smart businesses, it will be your most important preparedness against any eventual ransomware attack. This will ensure that you can restore your data from the back and resume business operation or work in no time without paying the ransom. Our small business and enterprise backup solutions are affordable and far less than the cost of business downtime and ransom the hackers will demand from you
2. Don’t Respond To Unsolicited Email
Avoid responding to call to action or information from unsolicited sources, successful ransomware attack usually entails the victim taking action to initiate the process of the attack. So it is wise and safer to ignore those action calls when reading unscrupulous or rogue emails.
Most successful ransomware attacks had been linked to one of these sources: Toxic links distributed through emails, emails attachments, download links, social media or chat messages. This is how the attackers gain access into your computer to wreck havoc. Thus it is wise to avoid responding to suspicious mails, links or attachment that you have not requested even if it’s masked in a friend’s or contact’s name. It is bait, don’t fall for it.
3. USB Device Control
It’s important to guard the type of devices you allow or use on your computer – whether private or official. This is because most wide spread attacks and viruses are spread like raging plague through sharing and usage of unscrupulous flash and disk drives. You can protect yourself by saying no or scanning third party flash drives before us. These things cost less these days and it’s advisable to have one for your dedicated and private use.
4. Disable the Auto Play Features & Macros
Auto play and macros are functions that helps computer user improves their software experience – this feature let your applications automatically open digital media or trigger a programmed action. In some cases, it allows your email software automatically download attachment or access download links in your email manager software such as Outlook, Thunderbird etc.
As good as this sounds, it can spell doom for your computer in the event of an impending or potential ransomware attack. Ransomware attack can exploit this to get your computer to run unwanted programs or download unsafe security threats without your approval. Disabling features like auto play and micros will give you the opportunity to scrutinize and double check the source and threat level of a program, link, attachment or email before taking action.
5. Use Layered Security System
The enforcement of multi layered security with effective firewalls, secure passwords and antivirus software is important. It is not fashionable to have your system protection depend solely on a single layer. These recommended and most effective security or protection should be anchored on multiple layered systems comprising of antivirus software, web filter application to protect against high risk website and firewall solution to block unauthorized access.
Our business protection and security combo is a powerful security defense system that protects your business and PC against online and offline attacks. You can contact us for inquiries.
6. Perform Regular System and Antivirus Updates
Keeping your system software and other applications up to date is essential and can help reduce the risk of attacks and vulnerability to cyber attacks in these times and at any other time. Pay attention to operating systems, internet browsers, email software, plug-in etc. Download and install patches and security enhancement updates as soon as they are released.
For some organizations, they disable their updates to save data usage and reduce Internet service cost. This is not the best approach or time to do so; you can plan and schedule your update which is better than stopping it all together and losing tab on it. Manufacturers and software providers use updates to improve user experience and provide security enhancement against known vulnerabilities such as ransomware attack.
Consider using the following security tool from Microsoft: Microsoft Baseline Security Analyzer 2.3 to scan your PC or your environment and discover which updates are missing on your endpoints.
7. Activate File Extensions
The ability to spot a risk-prone file early through file extension is important in your fight against cyber attack like ransomware and other security threats. You can enable file extension through the steps highlighted in this article: How to enable file extension in Windows. This will give you the opportunity to easily spot suspicious and irregular files such as the ones used in ransomware attacks. It is advised that all suspicious files should be deleted and where you want to check to be sure – use your notepad application to open the file by right clicking on its icon and selecting open with option and then clicking on Notepad – no script or program can run in a Notepad.
8. Be Proactive
In any case of emergencies or unplanned events, knowing what to do and what not to do is critical to how destructive or what level of damages will be experienced. Developing a response plan will be cost saving and help you manage the risk more effectively. If you suspect that there has been a potential ransomware attack on your system or in your IT environment. The first step to take is to:
Avoid restarting the system, although this is usually advice in most cases of other computer problems but in the case of ransomware attack, you should avoid doing that. Rather you should disconnect internet connect to the system immediately and remove it from the network if it is a network environment to secure the network, so that you don’t spread the malware to other computers and devices.
9. Stay informed
Information is power; it’s even truer in this digital age where information is freely available. Keep your ears to the ground on top security news or new threats to learn how you can protect your business against the risk of those threats. Learn to safeguard yourself and be proactive – prevention is the best solution.
10. Ignore The Payment Request
Just as in any case of kidnapping and hostage situations, it is the standard practice for the attacker to request a ransom – this is the same in a ransomware attack. After gaining access to your system, the hackers encrypt your data or lock down your system and demand ransom while holding you hostage. It is not advisable to pay the ransom in such instance; doing so does not guaranty successful restoration of the system or data and may expose you to extortion and encourages the attackers to victims other people.
Never trust the criminals enough to part with your money; you may be funding their criminal enterprise. You may even become implicated as an accomplice for providing funds to sponsor their illegal activities. Instead, report your situation to an expert and let the expert guide you on the best way forward and how to mitigate the associated risks.
Seek Expert Advice
We provide ransomware preparedness assessment and prevention management training for non IT users. If you suspect your system or IT environment has been compromised, you can contact our Consultants for assistance and quick resolution at support@itrdntechnologies.com.
Recent Ransomware Attack Alert
WannaCrypt is a widespread ransomware attack which targets out-of-date windows devices specifically windows XP, 7, 10 and Server operating systems. You are advice to immediately update your windows devices.
Past Cases of Ransomware Attack
- Cryptolocker – The most prolific of all the file-encrypting ransomware variants, Cryptolocker was first spotted in 2013. It was spread by the “Gameover Zeus” botnet and demands around a $300 to $500 ransom.
- Cryptowall – Cryptowall emerged a few months after Cryptolocker in 2013 and mimicked its predecessor’s behavior. The perpetrators brought in over $1 million in a six-month period in 2014.
- CTB-Locker – First seen in 2014, CTB-Locker was the first file-encrypting ransomware that used the Tor anonymity network. It was available for sale to cybercriminals on underground forums.
- TorLocker – First deployed in 2014 against Japanese users, TorLocker was marketed and sold on the now defunct Evolution marketplace.
- Kryptovor – This malware steals files from compromised computers but also has a ransomware component that was first seen in 2014. Kryptovor primarily targets businesses in Russia.
