How To Protect Yourself Against Ransomware
Ransomware has rapidly grown into one of the biggest threats to a business’s computers. It encrypts critical files or even a machine’s entire file system. To get them back, the victim has to pay money through an anonymous Internet channel. The amount extorted can run into the thousands of dollars. If you’re careful, though, you can protect your systems from ransomware.
How It Works
The attack usually starts with a phishing email. It tricks the user into running an attachment, which downloads the actual ransomware. It goes to work, and not much later the user sees a screen saying that files have been encrypted and explaining how to pay to get them back.
Some forms of ransomware initially encrypt a few files and demand a comparatively small amount of money. They warn that if you don’t pay immediately, it will make more files unusable and demand more money to restore them. The purpose of this is to rattle you.
Ransomware keeps changing. When security software keeps it out, its creators will change the code to defeat detection and blocking. With so many variants around, you’ll see a lot of different names for them, such as Cryptolocker, Locky, PCLock, and TorrentLocker. It’s hard to keep up with them all, and the people who create them like it that way.
The most important defense is an up-to-date offline backup. Having a local backup is good, but ransomware will encrypt any attached drives along with the main drive. An offline, remote backup is necessary to stay safe. It needs to stay current to let you repair all the damage of an attack.
Keeping phishing attacks from getting a foothold is nearly as important. Many people will blindly open any attachments they get in email, making them wide open to all kinds of malware. They’ll open fake invoices or reports from people they never heard of. If the attachment asks them to enable macros in Office documents, they will.
Even clever people are sometimes off their guard. Good spam filtering will keep a large portion of phishing mail from reaching users’ inboxes. Being cautious about mail will let people avoid exposing their computers to risk. In general, don’t open attachments that look at all suspicious. If you don’t know the person who sent them, they’re most likely fake.
Executable files are deadly. There’s hardly ever a legitimate reason for someone to send you a file with a .EXE extension. You should configure your email software to refuse to open these. By the way, turn off the “feature” which hides file extensions. Windows hides them by default, but that makes you vulnerable to files in disguise.
Another important protection is security software. Keep it updated to the latest version; it’s a constant race between malware developers and the software that protects you.
Spend as little time as possible logged in to a root or administrative account. If you’re running an ordinary user account, any malware you accidentally run won’t do as much damage. If you’re an administrator, you can create a non-administrative account for your everyday use.
If Ransomware Hits You
If you see a ransomware message on your computer, try not to panic. If you have a recent backup that it couldn’t touch, you’re reasonably safe. Make sure to purge the malware from your computer, or you’ll just have the problem all over again. Once you’ve done that, you can restore the files, and hopefully you’re close enough to what you had before that you can live with any slight losses.
If you’re stuck without an adequate backup, it’s your call. Sometimes you have to give in, but keep in mind that if you do, you’re financing crime and have no guarantee of getting your files back and keeping them.
Prevention is the best approach. It saves you from facing the choice and guards you against many other risks at the same time.