Ways to Protect yourself from Ransomware Attack

Posted on Posted in Security, Windows Server

Ransomware – is a sophisticated piece of malware/virus that blocks the access to his/her files, and the only way to regain access to the files is to pay a ransom.

WannaCry – used a vulnerability in Windows that allowed it to infect victims PC’s without them taking any action.

Petya Ransomware – Firstly, infecting the Master Boot Record in order to execute the payload and encrypt the data, in late June 2017, when it emerged, enhanced with self-replicating abilities.

Simple things you can do to protect against ransomware attacks:

Safe and Secure Back ups

This is the First and foremost, be sure to back up your most important files on a regular basis.

If you’ve got sensitive data, always have a backup. Ideally, multiple ones. Store one copy in the cloud, resorting to services like Dropbox, and the other on offline physical media, such as a portable HDD.

It’s also recommended to back up files to a drive that remains entirely disconnected from your network.

Always Be Updated! Don’t stick to the past

It’s always recommended to keep automatic updates on which will considerably reduce the risk of malware.

The malware uses security gaps in operating systems and mostly the ransomware like; WannaCry exploits vulnerabilities in operating systems. Many computer users, institutions, corporations and government agencies are still using outdated Windows XP and don’t moving to latest version of Microsoft Operating System and that poses a threat for users’ security.

If you haven’t been infected yet, install Microsoft’s emergency patch MS17-010 and always away from unsupported and pirated windows and also, make sure you’re using latest windows version 7, 8.1 or 10.

Here are general steps through which you can make sure you receive automatic updates on the supported Windows Operating systems.

For Windows 7 –

  1. Click on StartControl Panel > System and Security > Windows Update.
  2. Then on the left side, click on Change settings.
  3. Then under Important updates, make sure it says Install updates automatically (recommended).
  4. After that check all the other boxes, and then click OK.

For Windows 8.1 –

  1. Press Win key + X, and then click Control Panel.
  2. Then move to System and SecurityWindows Update.
  3. Choose Change settings on the left side.
  4. Under Important updates, make sure it says Install updates automatically (recommended).
  5. Check all boxes, and then click OK.

For Windows 10 –

  1. Click on Start key, and then click on the Settings gear icon.
  2. Move to Update & security, and then click on Windows Updateon the left.
  3. Then on the right, choose Advanced options.
  4. Under Choose when updates are installed, make sure it says Current Branch, and see both the values for feature and quality update are set to 0.
  5. After that check the first two boxes, and close the window.

Be care full with Emails and educate your workforce

A massive percentage of ransomware invades computers via malicious emails.  So, always keep in mind don’t click on questionable links and never run/open suspicious attachments you don’t trust.

Basically, these files are sent through emails as attachments, or via obscure URLs masquerading as safe links. If you receive an email from an unknown source which you don’t know simply delete the file, and empty the recycle bin.

System administrators should ensure that employees don’t have unnecessary access that can save headaches.

Remember, if you hit don’t ‘wait and see’ – Shut down your network which can prevent the continued encryption and possible loss of more files. As a result, this will help in limiting the spread of ransomware if hackers do get into your system.

You can use Encryption Tools While Transferring Files.

Deactivate AutoPlay.

Also, perform regular Software Updates as software developers release “patches” for existing software, to fix bugs that are meant to resolve specific vulnerabilities.

Always set unique and strong passwords for different accounts that cannot be brute-forced by remote criminals.

Use Strong Firewalls and Anti-virus Programs

If you want to increase protection, then you should consider investing in a good firewall and anti-virus programs.

Currently most anti-virus and firewall programs also offer extended protection in the form of website filtering, which warns you of unsafe websites; network scans, which looks at security issues with your router and network protocols; and software updater, which makes sure that you aren’t using an outdated version of a program.

You need to keep the Windows Firewall turned on and properly configured at all times. Also, you can enhance your protection more by setting up additional Firewall protection. There are security suites ‘Internet security suites’ out there which can be great addition against trespass.

Block known-malicious IP addresses.

Never pay the ransom demands

Paying ransom is not the solution and it’s not sure they return your data or decrypt encrypted data even when you pay up.

However, you become a part of the soft targets database of cybercriminals, when you pay up, that means they will target you very soon.

“You really are rolling the dice if you choose to pay a ransom, and your chances aren’t good,” the researchers found.

Law enforcement agencies generally advise against paying digital ransoms but it “Hard to Walk Away” as they -threaten to expose the data if payment is not made.

And here are some recommendations of what you can do if you find yourself a victim of ransomware:

Restore data from a backup if that data has not been encrypted or deleted by threat actors.
Attempt to find a decryption key that may exist (many security vendors have been publicly releasing decryption keys for free usage). Make a business decision to move forward without the data that was lost.

Conclusion
Stay safe and don’t forget the best protection is always a backup! to protect yourself from becoming a ransomware victim.

Leave a Reply

Your email address will not be published. Required fields are marked *