Hardly a day goes by without a corporate IT system or a privately owned computer being infected by ransomware. Every time the result is same: the victims are blackmailed with high monetary demands. The problem is so acute that reputable news media reports have intensified in recent weeks. Many ransomware variants cannot be deciphered by security experts and those users affected face serious problems. Protecting yourself against ransomware is actually quite easy, when users observe a few simple tips.
6 simple tips on how to protect yourself against ransomware
- Don’t open attachments in emails if you do not know the sender – One of the most common ways to get infected by ransomware is to open an email attachment. Always make sure that you are the real recipient of the email and that the attachment is really sent from someone you know. If you are unsure that you are the real addressee of the attachment do not hesitate to pick up the phone and call the sender to ask. If the document is potentially dangerous and you received the email at work, contact your IT security department immediately so your company can minimise the risk of an infection.
- Don't visit suspicious sites – Some websites can be dangerous and malicious, so be super cautious when surfing in the internet. Shady websites such as gaming, file sharing and others with “free” file downloads can contain ransomware. Ransomware can also be hidden under web banners or other scripts inside the webpage. If you need to visit such a site – for example you are a journalist, be aware that you are at risk and be prepared with the most advanced anti-virus software on the market. Do not click on any unnecessary banners to avoid infection.
- Always keep your computer system and software up-to-date – Computer criminals look for easy ways to hijack or infect your own and your companies computer and servers. You can make it difficult for these criminals by frequently downloading and installing security updates and patches. The same goes with updating your antivirus software and maintaining computer security. The more often you update, the more secure you are. Many of the major antivirus software tools which check incoming emails in real time can find most known ransomware viruses and protect you from opening them.
- Keep passwords secure and your entire computer system safe – Some ransomware is not delivered by an email, but by traditional hacking and the stealing of passwords. If the password(s) of one person is stolen and hacked, the criminal has access to the computer and can infect it with ransomware. In a case where Windows Remote Desktop Protocol (RDP) is activated, the problem is even more severe: The ransomware can spread easily from one computer to another using this protocol. So if the RDP is not necessary in your company or small business keep it disabled at any time!
- Shut down all network connections – If you suspect something is wrong and you might be infected, disconnect your computer immediately from the internet or WiFi as well as your network!!! This way – if you act fast, you can mitigate the damage caused by a ransomware attack. Since the purpose of ransomware is to encrypt data and hold it hostage in return for money and since encryption takes time, there is a chance that you will be fast enough so only minimum data is infected. Additionally, the ransomware virus cannot spread over the network to infect other drives within the company.
- Always have a current backup available – One of the easiest ways to protect yourself against the results of a ransomware attack and to make things difficult on the criminals behind it – is having a current backup of all of your files available. There are several backup products and systems on the market for all kinds of users – private, small to medium businesses as well as large companies. Regardless of the size of the computer system one thing which has to be implemented is a decent backup plan. The main ingredient of such a plan is the decision of how often should backup(s) be created. The less time between backups, the less data can be lost due to a ransomware encryption.
But if your data is infected by a new version of ransomware, you do not have an up-to-date backup of your files and you are not able to find a decryption tool for this particular ransomware type, the only chance at recovery without paying the fee is to consult a data recovery service provider.
Specialised ransomware data recovery experts like Ontrack as well as data security companies track the different ransomware variants that are on the scene and develop specialised tools or work-arounds to recover infected files or complete storage systems. In many cases - but not all - the experts have found ways to recover the data infected by the most common ransomware types. So if you became victim of an attack, it is a good idea to give them a try. There will be a fee for the recovery of your data, but you will be doing your part to stop criminals by not supporting them.