The recent global ransomware attack known as WannaCry, left thousands of users locked out of the data on their computers. Luckily, thanks to a tech blogger who reverse-engineered samples of the malware, the threat was soon eradicated.
Unfortunately, recovering the data once you are hit with a ransomware attack is not possible. However, there are certain measures you can take to minimize or even completely eliminate the possibility of such an attack
Understanding ransomware, how it works and how to prevent it is an important step towards keeping your business and your data safe.
Know What You’re Dealing With
While many cyber-attacks focus on stealing your data, ransomware works a bit differently. Cybercriminals that use ransomware, a type of malware, are after your money and attempt to blackmail a payment out of you by threatening your data. Hackers either don’t allow you to access your data or claim that your data is at risk and then offer to fix the issue if you pay.
Cryptovirus, cryptoworm or cryptotrojan, as ransomware is also called, can hit anyone from home users to businesses and public institutions. Each target presents different opportunities for cyber criminals.
Home users and public institution employees often don’t have advanced cyber security knowledge. Public institutions may also have valuable information that they cannot afford to lose.Hitting a business could mean big money, and businesses sometimes would rather just pay up than deal with the inconvenience of reporting the attack.
Types of Ransomware
Scareware, also called fraudware and rogue scanner software, is intended to scare you with a pop-up message about malware in the system. There’s no real threat, but the scareware gives the illusion that there is and says that you need to pay a certain amount to remove the malware. Knowing the difference between legitimate and illegitimate sites and programs is instrumental in recognizing scareware.
Locker ransomware is similar to scareware in that it attempts to scare you into paying, except in this case, the pop-up message claims that it has detected illegal activity on your computer. It often has the seal of either the FBI or the U.S. Department of Justice and says that you need to pay to avoid legal trouble. You can safely close and ignore such messages, as no government organization would operate like this.
The worst-case scenario is encrypting ransomware, where the malware actually encrypts your files and cybercriminals demand payment to give you your information back. The problem is that there’s no guarantee they’ll follow through on their end of the bargain if you pay them, and it opens the door for future attacks. For those reasons, cyber security professionals advise against paying.
How to Protect Your Device
- Invest in Cyber Security.
The first thing you should do to protect your data is to find a high-quality antivirus program. Ask a cyber-security professional for a recommendation and use the advice to help make your decision.
For complete protection, look for a comprehensive security suite that can handle all kinds of threats, or combine your antivirus program with separate antimalware and antiransomware programs. Antivirus programs typically have free trial periods available, so try out a few to see which one suits you best. Once you’ve found it, it’s a good idea to purchase the full version for superior protection, especially if you often have sensitive data on your device.
- Backup, Backup, Backup.
The prices for external hard drives and personal cloud storage seemingly get lower every day. If your business needs to store a lot of data consider cloud backups, there are plenty of excellent cloud storage services on the market. Regardless of which option you prefer, not backing up your data is a crucial mistake.
It can be tedious to backup data, especially if you work with a large amount of it every day. Just remember that taking the time to make a backup is far better than being left with nothing because of a cyber-attack.
If you go with a cloud service, check the encryption and authentication features to ensure that your data will be secure. Remember to physically remove external hard drivers after making the backup so they can’t get infected.
- Education Is Power.
The best way to be ready for potential threats is to know what’s out there, and this is much easier thanks to all the useful information available in a couple clicks. Stay up to date by reading tech blogs and by getting in touch with your IT team or cyber security professionals.
Ransomware has been around since the early 2000s, and it doesn’t choose its victims, so even Mac users are no longer safe. Read about what other users did when hit with ransomware in case you find yourself in the same situation, and share your knowledge with the people you know.
- Skepticism Pays Off
You can never be too careful about what you see online. Look closely at all your emails, and if you get one from a stranger with an attachment, just delete it. Watch out for shortened links, as you can’t be sure where they will lead. Use online services that can show you the full URL before you click on it.
There are a few suspicious signs to look for with emails you receive, even those that appear to be from a company. These include generic messages that don’t mention your name, a format that looks different from the company’s usual emails and any requests for personal information, which you should never provide over email.
- Don’t Pay the Ransom.
How much do cybercriminals try to get with ransomware? It could be anywhere from hundreds to tens of thousands of dollars.
A ransom demand is a crime, and if you give in, all you’re doing is encouraging it. Cybercriminals will use ransomware as long as people pay them. And once they get their money, they have no incentive to help you decrypt your files.
A Kaspersky survey supports the strategy of not paying ransom. It found that of the ransomware victims who paid the ransom, one in five didn’t recover their files.
A ransomware attack that results in your sensitive data being encrypted could be devastating for your business. However, being proactive instead of reactive is crucial. Following the information outlined in this article can help you secure your data. Just remember to back up everything so even if you’re hit with an attack, you can get your data back yourself.
About the Author
Lisa Michaels is a freelance writer, editor and a striving content marketing consultant from Portland. Being self-employed, she does her best to stay on top of the current trends in the business world. Feel free to connect with her on Twitter @LisaBMichaels.