Friday, July 1, 2016

Protect Yourself from Ransomware


Ransomware is a type of malware software where the attacker encrypts the victim's data, and demands payment for the decryption key. If you are not protected from the effect of ransomware, you may need to pay a ransom for the decryption key from the attacker. Here is more information about ransomware, and some steps you can take to protect yourself from ransomware.

Ransomware "Horror" Stories
The University of Calgary in Alberta paid a ransom of $20,000 in bitcoin (a digital currency that's difficult to trace back to actual people) to decrypt their computer system files and regain access to its own email system. They were hit by a ransomware attack in late May, 2016.

In February 2016, email and other electronic communications at the Hollywood Presbyterian Medical Center had been down for more than a week from a ransomware attack. The hospital ultimately paid $17,000 in bitcoin because they could not recover from the attack on their own.

Up to 60% of the Horry County, SC School District's computers were frozen when ransomware encrypted the school's data in February 2016. The school district was forced to pay the hacker's demand of $10,000 in bitcoin.

Install Anti-Virus Software
Your best defense is to block the malware before it can infect your PCs or servers. Install an anti-virus program and keep it running whenever your PCs or servers are on. Also, keep the anti-virus program and threat-pattern files up-to-date. The best anti-virus programs periodically and often download a database of newly found virus and malware threats. And, they continually run, monitor and protect the devices on which they are installed

Back up Your Data
Hackers that use ransomware are counting on a business or an individual to not back up their data regularly. If ransomware encrypts critical files, and you do not have the pre-encrypted files backed up, you will have to pay the ransom or lose the files. However, if you have a scheduled backup (e.g. once a day), you can ignore the hacker's demand and restore your data without having to pay for it.

Perform Software Updates
Ransomware, like many malware programs, makes use of vulnerabilities in your operating system and other software to infect your systems. You must regularly ensure that you download and apply updates. Additionally, don’t forget firmware updates to your network infrastructure and IoT devices, which can also help prevent attacks.

Filter .EXE Attachments in Your Email
If your email service provider has the ability to filter attached files by extension, you may wish to deny receipt of emails sent with “.EXE” (executable) files. When you do need to exchange “.EXE” files, and if are denying emails with attached “.EXE” files, you can exchange those as ZIP files, via SFTP or via a cloud service.

Use System Restore
If you have System Restore enabled on your Windows machine, you might be able to take your system back to a last known clean state. However, some newer versions of ransomware have the ability to delete files from System Restore, which means those files will not be there when you try to replace your malware-damaged versions.

The Bottom Line
The best cure for ransomware is prevention. Once you are infected, your options may be limited, expensive and unpleasant. If you find yourself encrypted and without a viable backup, you may be forced to pay the ransom. Doing so depends on the value of your affected data and systems. If your data and systems are sufficiently valuable, paying the ransom may be your only course of action.

1 comment:

  1. David, good sound advice. Thank you for the reminder.

    ReplyDelete

I encourage you to add your comment to this post...