Ransomware is malicious software that cyber criminals use to hold a user’s computer or computer files, mobile phone or tablet to ransom by encrypting the data or locking the device. A message is then displayed on the screen, demanding payment of a sum of money within a certain time, in order for the user to get the computer and data restored. This restoration may or may not happen...
“Sadly, ransomware is becoming an increasingly popular way for malware authors to extort money from companies and consumers alike”, says Nathan Loftie-Eaton, Security Specialist at ESET South Africa.
According to a “McAfee Labs.Threat Report”, there has been a 165% increase in new ransomware during the first quarter of 2015!
What can you do about it?
On the one hand, ransomware can be very scary - the encrypted files can essentially be considered damaged beyond repair. But if you have properly prepared your system, it is nothing more than a nuisance.
Here are a few tips that will help to keep ransomware from wrecking your day:
Backup your data!!!
The single biggest thing that will defeat ransomware is having a regularly updated backup routine in place says Nathan Loftie-Eaton. If you are attacked with ransomware you may lose the work done since the last backup, but at least you wouldn't have lost everything.
What you need is a regular backup routine to an external drive or offsite backup service. If an external drive is used, please make sure that it is physically disconnected as Ransomware infections can permanently delete any backup files they find on the local machine or network.
Primeworks can offer a secure D.I.Y. or managed, automatic online backup service to the cloud, where your data will always be safe, recoverable and accessible at any time, from any device with an internet connection.
The simplest starting point for an attacker is to play on a person's naivety and trust and get them to compromise their own computers. This can be done via emails, imitating high profile Companys or people you communicate with.
Simple - If you receive an email that you’re not expecting, it’s best to ignore it.
If your curiosity really needs to be satisfied, try and validate the source of the email first before clicking on a link or opening the attachment.
Always be suspicious of unknown or unsolicited e-mails or e-mails that have attachments or links to other sites. Be wary of e-mails that state things like “You have won…….”, “Claim your prize…” etc. Again, if in doubt, confirm with the sender before opening.
With regards emails, check that the 'From' address matches the 'Reply-to' address - it is so easy to create an email that shows as coming from an address you recognise but actually came from another.
Have a reputable Anti Virus installed and up to date.
Make sure that you have a robust and up to date antivirus program installed on your computers. Update your Operating System regularly. Antivirus programs may help but these are by no means foolproof as they often detect the virus when it is too late.
Apply Patches and Updates Regularly.
Ensure that you are regularly updating your Operating Systems and Applications with all security updates and patches released by the various Vendors. You may have the latest Anti-Virus software installed, but it's no protection for 'holes' in the operating system or applications you use.
Should you be suspicious about something, have further questions or need assistance, please contact us.
For more information, have a look at the following articles;
Microsoft has a comprehensive article of some of the things to look out for on 'Phishing'.
Eset put out this article in April 2015 discussing how to prevent getting caugh by Ransomware which has additional tips.