How to protect yourself against ransomware

Ransomware is very much the most virulent of modern cyber plagues. It is spreading rapidly, it draws no distinction between victims, and an infection can be deadly, often with little hope of recovery unless you take steps to protect yourself.
2016 was dubbed the ‘year of ransomware’ by security researchers. In the first three months researchers discovered 2,900 new ransomware malware modifications and an estimated $1 billion was lost as victims paid up.
It’s easy to see why it has become so popular among cyber criminals: it’s potentially very lucrative, relatively risk-free, and ransomware campaigns are easy to carry out.
Ransomware infects a computer, locks up all the files with hard-to-break encryption, and demands a ransom, typically in the region of €500, to free the computer again. This extortionate payment is for the decryption key.
Another reason for its growing popularity is that ransomware creators are offering it ‘as-a-service.’ This means fraudsters simply hire ransomware for free and use a raft of support services to launch their campaigns. It’s appealing to the criminals because they don’t require technical skills and the coders provide wrap-around services such as botnets to launch their campaigns from.
The coders who create the ransomware typically ask for a fee of 20% of the ransom payment. So if the fraudsters generate €500,000 in ransom, the coders receive €100,000. The actual fraudsters may be based in Eastern Europe while targeting the US or Western European countries, making it extremely hard for law enforcement to catch them.
The overall annual cost of global cybercrime was estimated to be $3 trillion in 2015 and this is expected to double to $6 trillion a year by 2021. Ransomware payments are set to make up a substantially larger percentage of cybercrime costs over the next few years.
So how do you avoid this nasty malware? There are several basic steps you can take to ensure you’re not infected.

Avoid suspicious emails and links… like the plague

One of the main methods crooks use to spread their ransomware is phishing attacks, that is, emails that you never expected. The emails may look legitimate but they often hide a malicious attachment or malicious link. If you open the attachment or click on the link, your computer is infected without you knowing much about it.
The fraudsters are creatively clever in devising phishing campaigns and the emails will typically offer something. The message could be about an unpaid invoice, a parcel that needs collecting or an offer that is too good to be true.
Malvertising is another method that fraudsters are increasingly using, and instances of it are growing rapidly. It involves compromising an advertiser’s network by embedding malware in ads that get delivered through web sites you trust. For instance, malvertising attacks have been directed at both the New York Times and BBC.
So the watchword should be ‘watch out’. Ad blockers can also be an effective way of blocking malicious ads, though some websites won’t provide content unless you turn the ad blocker off.

Patch and update software and operating systems – run security software

It’s important to keep browsers, software and operating systems up to date. Hackers are adept at exploiting vulnerabilities; in fact a large part of the world of cyber-crime depends on it. This also means ensuring third-party plug-ins like Java and Flash, if you use them, are kept up to date.
And of course good security software is absolutely essential. Security software should include layered protection that incorporates both signature-based detection and zero-day detection.
Zero-day protection is absolutely essential because it identifies new threats as they are released, such as ransomware that has been tweaked to avoid signature-based detection defences.
Good security software will also identify phishing attempts and malware embedded into advertising, flagging these risks up to you before you click on a link or an ad.

Back up your data

Back up your data on a regular basis so if your computer is locked up you don’t have to pay a ransom to get your data.
Ransomware thieves have been widening their attack vectors over the past year. In particular, many NHS organisations in the UK have been hit, as have healthcare organisations in the US and businesses across Europe. However, individuals and small businesses are still targets too.
As you can imagine, losing access to your precious files, whether they are work documents, invoices, orders, spreadsheets or even photos and music files, can be devastating. There are many instances of individuals and small businesses losing access to years of files and thousands of documents. Some ransomware attackers cunningly search out backup systems too, so these can be encrypted and locked as well.
So consider these backup approaches if you want to keep your data safe:
  • Back up to a cloud service. Fraudsters can’t reach these, and it means you can always access your data from another computer should you become a victim of ransomware.
  • Back up offline so data is not reachable from the machine that is infected. For instance, you can do this with an external hard drive. However, the drive should only be connected to the computer when doing the backup and then disconnected. If your backup drive is connected to the device at the time the ransomware runs, then it would also get encrypted.
Backing up your data won’t make the act of being hit by ransomware any less painful. However, it does mean that you don’t have to give in to the fraudsters’ ransom demands because you have a copy of your data elsewhere.

What to do if you’re infected with ransomware

It should be possible to defeat all ransomware by immediately disconnecting your PC from the internet following an infection, reformatting the hard drive, and reinstalling everything from a backup.
However, this could be tricky given that different operating systems require different approaches, and of course you need a degree of technical aptitude and willingness.
For instance, with the Windows 8, 8.1 or 10 operating system, ‘Restore factory settings’ could solve the problem, if you can get to it. You can also try typing ‘reinstall’ in the Windows search box, then click on ‘Remove everything and reinstall Windows’.
There are other approaches too, though it might be simpler to run a ‘rescue disk’ from a USB stick or CD/DVD than to navigate the various options in Windows. Alternatively, you can pop down to your local computer shop and have it bring your computer back to life. It might cost a little but it will save you a headache.

Written by Steve Bell

Steve has a background in IT and business journalism and in the past has written extensively for both the UK national and trade press including The Guardian, Independent-on-Sunday, The Times, The Register, MicroScope and Computer Weekly. He's also worked for most of the world's largest IT companies in a copy and content producing capacity. He has a particular focus on IT security and has been involved in writing about the industry at various levels ranging from magazine launches to producing newsletters. He also runs a small copy writing business called Art of Words. When not bashing away at a keyboard he can sometimes be found in a boxing gym making futile efforts to keep fit or marveling at the works of Sufi poets such as Jalaluddin Rumi and Hafiz of Shiraz.
