Top 5 ways to protect your device from ransomware
In our last blogpost, we talked about botnets and how to prevent your device from becoming a zombie. We now discuss one of the most severe and prevalent forms of attack that cyber criminals perform using their botnets i.e. Ransomware.
What is ransomware
Ransomware is a cyberattack in which hackers encrypt/lock victims’ data until they pay a ransom. There are two types of ransomware that are currently affecting systems around the globe.
It incorporates advanced encryption algorithms designed to block system files. The victims are requested to pay in order to obtain the key that can decrypt the blocked content. Examples include CryptoLocker, Locky, CrytpoWall and more.
> A snapshot of cryptoLocker prompt
Locker ransomware locks the victim out of the operating system, making it impossible to access the desktop and any apps or files. The files are not encrypted in this case, but the attackers still ask for a ransom to unlock the infected computer. Examples include the police-themed ransomware or Winlocker.
> Police themed ransomware prompt
Rise in reach and impact:
> Source: CERT.RO
In 2013, about 1,200 people said they were victim of ransomware. Between January and March 2016, the IT security institutions already had recorded more than 700 cases, resulting in about $9.39 million in losses. This estimation not only include the ransom money but also the cost of replacing computers and implementing stronger cybersecurity in the aftermath of an attack.
Ransomware attacks can be particularly harmful, especially because new versions often include stronger encryption. In addition, the attacker doesn’t settle after a first payment but often asks for more. In some cases they don’t even give the key to decrypt your data.
How to protect your device from ransomware:
Following 5 points will help you to protect your device from ransomware:
- Make regular backups and store them separately on different locations. Ideally one should be kept offline (on a secure external disk) and the other on a secure and private cloud service.
- Use up-to-date software and apply security patches on a timely basis. Remove outdated plugins from your browser. Only use Adobe Flash, Adobe Reader, Java and Silverlight plugins if you absolutely have to.
- Use a guest account with limited privileges for daily/common use and an administrator account for dedicated purposes.
- Attachments and links should only be opened from truly trusted sources. Any spam links, content — even when it says ‘click here to unsubscribe/unfollow, …’ must not be clicked.
- If a you’ve been asked to run macros on a Microsoft Office file then your definite answer should be ‘No’.
Now even after this, if you become a victim of ransomware — then following links might help you in getting your data back !
Note: Not all ransomware’s can be decrypted back !
Check our tips on online privacy as well.
The harsh reality (like in most malware cases), is that they are difficult to reverse.
Thus — as always, the golden key of prevention remains “being cautious” at all times.
Check blog.mailfence.com for having the most recent version of this blogpost.
- Mailfence Team