Ransomware is particularly nasty malware that automatically encrypts important files such as documents and images and holds them hostage until you pay a ransom. The ransom can be anywhere from $100 to $1000. Even worse, the ransom increases as you take more time to decide if you want to pay the fee.
Because this malware holds valuable information hostage, many victims pay the ransom. Even if you pay, you’re not guaranteed to keep your files. Some victims never receive the decryption key even after paying. You should always keep your antivirus up-to-date to avoid this nasty malware, but you can also take steps to ensure your data is safe in case you become a victim.
1) Use Cloud Backups
When ransomware runs on your computer, it searches your hard drive for files that are potentially important. For instance, hackers know that .DOC, .DOCX, .JPG, .XLS, and other work-related documents could potentially be critically important to you. The program searches for these files and encrypts them. Even backups of these files are encrypted.
To avoid giving in to the ransom, you can keep a backup of your files in the cloud. Google and Microsoft are great solutions for home users. Enterprise users should have a cloud solution with a third-party vendor. Since ransomware only scans local hard drive files, your cloud backups are safe. If you fall victim to an attack, you can replace your files after you successfully remove the malware from your system.
2) Train Users to Know the Signs
The biggest reduction in risk is through user training and security awareness. If Mary the customer service rep opens an EXE file from a suspicious sender, then the only chance she has is her antivirus. Malware writers specifically write programs to avoid detection, so ransomware often gets around any antivirus blocks.
If Mary were trained to avoid opening EXE files in email, the whole situation could be avoided. Research has shown that educating employees on how to avoid risk greatly reduces the chance that they will fall for these types of scams.
3) Add Firewall Rules
An uncrawlable area of the web called the “Dark Web” is where the ransomware communicates with the hacker. The Dark Web requires Tor to connect. Administrators can block Tor sites to block communication with the hacker. This might not stop the encryption part of the payload, but it will reduce the chance that the victim can pay the ransom.
4) Block EXE Files
Whether you use a public cloud email service or block EXEs on an enterprise email system, blocking EXE attachments stops the user from receiving malware this way. Cloud services such as Gmail won’t allow a sender to send an EXE file. A legitimate user can still mask the EXE using a different file extension, but the block will stop common malware attacks.
Ransomware can’t completely be eradicated, but you can take these steps to protect your data and your users’ data. Before you hire any employee, always provide them with good security training.