Ransomware is without a doubt one of the most talked about, feared and wide spread threat in 2017. And its unlikely to fade away anytime soon as these master cyber criminals "commercialise or monetise" their creations in the form of malware-as-a-service to cater to an even larger market of amateur hackers looking to grow their bit-coins revenue.
So here are a few steps that you can take to protect your computer and those of your organisations from such attacks:
Be suspicious, always. Ransomware is only effective if it gets downloaded to your computer. Unwittingly clicking on bad links in emails is the most common way malware finds its way onto computers. So, never click on any link or download any attachment until you have absolutely confirmed that it is legitimate.
Install email content security software. Because so many ransomware attacks come by way of phishing emails, you should install security software that screens your email for phishing emails. Most anti-virus vendors already have these features bundled into their anti-virus / end-point / malware protection offerings. While these software programs are not perfect, as they rely on regular file definitions / pattern updates, they are still helpful.
Keep your computer and your software applications updated. It is critical to not only install security software but keep it and all of your software updated with the latest security patches. In March, Microsoft issued a security patch for the WannaCry ransomware program, but many people failed to update their software with the patch. It is important to remember, however, that even the most up-to-date security software will always be at least a month behind the latest malware attacks.
Don’t use unsupported operating systems. In the UK and other places, many of the victims of the WannaCry ransomware attack were still using the Windows XP operating system, which Microsoft stopped supporting with security updates in 2015. It is important not to use outdated programs that present security vulnerabilities.
Back up your data daily. Despite all the efforts above, you can still become a victim of a ransomware attack. Make sure you back up all of your data daily, preferably in at least two different locations, such as to the cloud and onto a portable hard drive (an not connected at all times to your PC).
Deploy application whitelisting strategy. As cyber security threats continue to advance, so should endpoint security. The application whitelisting methodology only allows trusted programs to execute. Therefore, instead of allowing unknown files to run, like the blacklist, the whitelist will prevent unknown files from executing until tested and proven safe. Whitelisting technology has been proven far more effective in preventing ransomware attacks, including polymorphic variants. Even agencies such as US-CERT (part of the United States' Department of Homeland Security) and Australia Signals Directorate (part of Australia Government's Department of Defence) recommend such approach as an effective way to counter ransomware attacks.
Comments