Protect Yourself Against Ransomware

Uploaded on 2017-06-06 in BUSINESS-Services-IT & Telecoms, FREE TO VIEW, GOVERNMENT-Law Enforcement, NEWS-Cybersecurity News

Ransomware has been endemic for years. What can businesses and individuals do to protect themselves from malicious software? 

A decade-old form of malicious software known as ransomware has been making headlines after cyber-criminals hijacked hundreds of thousands of computers worldwide.

Ransomware, which is often transmitted by email or web pop-ups, involves locking up people’s data and threatening to destroy it if a ransom is not paid. The global cyber-attack has affected 200,000 Windows computers in more than 150 countries, including China, Japan, South Korea, Germany and Britain.

The cyber-criminals have generally targeted hospitals, academic institutions, blue-chip companies and businesses like movie-theater chains. The attacks highlight the challenges that organisations face with consistently applying security safeguards on a large scale.

“Not only individuals, but even governments and big companies with so much to lose fail to secure their systems and train their employees about necessary security practices,” said Marty P. Kamden, a marketing executive for the private network service provider NordVPN. “Cautious online behavior would probably have prevented the malware from infecting the network in the first place.”

What can businesses and individuals do to protect themselves from ransomware? Here are some tips from security experts.

Update your software

Security experts believe the malware that spurred this global attack, called WannaCry, may have initially infected machines by getting people to download it through email. After that, the malicious code was able to easily travel to a broader network of computers that were linked together through the Windows file-sharing system. (Users of Macs or other non-Windows computers were not affected.)

The most disheartening revelation from the cyberattack was that there was a fix available for the ransomware before the attack. Microsoft, which makes Windows, released a patch for the WannaCry vulnerability eight weeks ago, said Chris Wysopal, the chief technology officer of Veracode, an application security company.

In other words, if people had simply stayed on top of security updates, their machines would not have been infected. “People kind of got complacent and not vigilant about updating their machines,” Wysopal said.

Consumers can remedy this by configuring their Windows machines to automatically install the latest software updates.

Even though WannaCry specifically targeted Windows machines, that does not mean Mac or Linux users are off the hook in the future. Other breeds of malware may infect various operating systems, so no matter which device you are using, you should regularly update your software to install the latest security enhancements.

Install anti-virus Software

In addition to keeping Windows up-to-date with the latest security enhancements, anti-virus software can prevent malware from infecting your computer. Kamden, of NordVPN, said 30 percent of popular anti-virus systems were capable of detecting and neutralizing the ransomware.

Of course, with anti-virus software, the same principle applies: Make sure to keep the anti-virus app up-to-date, too, so it blocks the latest emerging malware. Also, download anti-virus apps only from reputable vendors like Kaspersky Lab, Bitdefender or Malwarebytes, Kamden said.

Be wary of suspicious emails and pop-ups

Security experts believe WannaCry may have initially infected machines via email attachments. The lesson: Avoid clicking links inside dubious emails, Kamden said.

How do you spot a fishy email? Look carefully at the email address of the sender to see if it is coming from a legitimate address. Also, look for obvious typos and grammatical errors in the body. Hover over hyperlinks (without clicking on them) inside emails to see whether they direct you to suspicious webpages. If an email appears to have come from your bank, credit-card company or internet service provider, keep in mind that they will never ask for sensitive information like your password or Social Security number.

In addition, ransomware developers often use pop-up windows that advertise software products that remove malware. Do not click on anything through these pop-ups, then safely close the windows.

Create backups of your Data

In the event that a hacker successfully hijacks your computer, you could rescue yourself with a backup of your data stored somewhere, like on a physical hard drive. That way, if a hacker locked down your computer, you could simply erase all the data from the machine and restore it from the backup.

In general, you should be creating a copy of your data in the first place, in case your computer fails or is lost. To be extra safe from hackers, after backing up your data onto an external drive, unplug the drive from the computer and put it away.

What to do if already Infected

If you are already a victim of ransomware, the first thing to do is disconnect your computer from the Internet so it does not infect other machines. Then report the crime to law enforcement and seek help from a technology professional who specialises in data recovery to see what your options might be. If there are none, don’t lose hope: There may be new security tools to unlock your files in the future.

In some extreme cases, it might make sense to pay a ransom if you have no backups and the encrypted files are valuable, Wysopal said. But he added that with WannaCry, people definitely should not pay the ransom. That’s because the hackers are apparently overloaded with requests from victims asking for their data to be released, and many who have paid the ransom are not hearing back.

Seattle Times:

You Might Also Read: 

Ignoring Software Updates…:

Cyber Crime Drives Up The Cost Of Insurance:

Cybersecurity Trends For Boards & Directors:

 

 

« Social Media Reaction To The London Terror Attack
Instagram Launches Story Search »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Code Decode Labs

Code Decode Labs

Code Decode Labs provides consulting for IT Technology, Cyber Security, Advanced Defense & Policing Technologies, Intelligent Networks, and Information Security.

Remediant

Remediant

Remediant is the leader in Precision Privileged Access Management. We protect organizations from ransomware and data theft via stolen credentials and lateral movement.

Cyjax

Cyjax

Cyjax monitors the Internet to identify the digital risks to your organisation, including cyber threats, reputational risks and the Darknet.

Quest Software

Quest Software

Simple IT management for a complex world. Whether it’s digital transformation, cloud expansion, security threats or something new, Quest helps you solve complex problems with simple solutions.

Center for Applied Cybersecurity Research (CACR) - University of Indiana

Center for Applied Cybersecurity Research (CACR) - University of Indiana

CACR serves Indiana and the nation by tackling cyber risk in research and other unusual environments through agile, holistic, principle-based cybersecurity.

Data Destruction London

Data Destruction London

Data Destruction London offers fast, confidential and compliant expert data destruction services to businesses and organisations in London.

Ultratec

Ultratec

Ultratec provide a range of data centric services and solutions including data recovery, data erasure, data destruction and full IT Asset Disposal (ITAD).

Crypsis

Crypsis

Crypsis was built based on a shared vision of creating a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services.

ThreatX

ThreatX

ThreatX provides complete web application & API protection to address expanding app footprints and complex attacks.

SYN Ventures

SYN Ventures

SYN Ventures invests in disruptive, transformational solutions that reduce technology risk.

Cyber Ranges

Cyber Ranges

Cyber Ranges is the next-generation cyber range for the development of cyber capabilities and the validation of cyber security skills and organizational cyber resilience.

Secfix

Secfix

Secfix helps companies get secure and compliant in weeks instead of months. We are on a mission to automate security and compliance for small and medium-sized businesses.

ZX Security

ZX Security

ZX Security is a New Zealand owned and operated cyber security consultancy.

Cyex

Cyex

Cyex helps people to become cyber wise. We enable our clients to find, track and improve cyber awareness in one place.

Interpres Security

Interpres Security

Interpres Security operationalizes TTP-based threat intelligence and automates continuous exposure monitoring to help CISOs and security practitioners reduce threat exposure.

NST Cyber

NST Cyber

NST Cyber provides comprehensive Threat Exposure Management to Global banks and Forbes 2000 companies.