If you’ve watched the news much over the last few years, you’ve probably heard of Ransomware like NotPetya, WannaCry, and CryptoLocker, but what do you REALLY know about Ransomware? How can you protect yourself against ransomware attacks? Y-Not Tech Services is here to shed light on this cyber tactic and help you protect yourself.
What is Ransomware?
Kidnappers often request a ransom for the safe return of the victim they have kidnapped and that’s exactly what happens in a Ransomware attack. Except the victim that has been kidnapped in this case is your computer or the data stored on it. The Ransomware will lock down your computer or encrypt your data and promise to return them to you if you pay the ransom, usually in Bitcoin or some other untraceable currency. Once you pay they might (or might not) decrypt your files making them usable again.
What can you do to keep your computer system and data safe? Let’s take a look at some of the best ways to outsmart Ransomware.
Data Backup 3-2-1
The absolute best defense against Ransomware is a solid backup strategy. There’s no point paying a ransom on files that you have backed up. You can just wipe the computer clean (to remove the ransomware) and restore the files from your backup. That’s oversimplifying it a little bit, but a good back up allows you to recover from a ransomware attack relatively easily. Of course, for the back up to be useful it needs a few things to be true:
- Backup needs to be current
- Backup needs to be accessible
- Backup can’t also be encrypted with Ransomware
This is why Y-Not Tech Services recommends a 3-2-1 backup strategy. With a 3-2-1 backup you will have:
- 3 copies of your data on
- 2 different media types (like your computer and an External Hard Drive) and
- 1 Copy of your Data Off-Site (We recommend a cloud storage solution)
If you need help setting up your backup strategy contact Y-Not Tech Services. A good backup doesn’t do anything to actually prevent a ransomware attack, it just provides a foolproof way to recover from one. So let’s look at ways to stop a ransomware attack before it hits and even while it is in progress.
Good Antivirus
Not all Antivirus programs are created equally. Many don’t provide protection against ransomware. That is why a 3-2-1 Backup strategy recommended, but if you can avoid needing to restore all your files in the first place you will save time and money. That’s why we recommend our Stress-Free Anti-Virus. Using containment, sandboxing, heuristic and database techniques we can prevent ransomware from infecting your system. Plus, this is a managed solution, which means you don’t need to do anything or worry. We handle the details so you don’t need to! Now, almost any anti-virus software you use will be better than none at all. Just make sure that it’s up to date, activated, performing regular scans and has real-time scanning enabled. This will increase its chances of detected (and hopefully stopping) a ransomware attack.
Patching Your System
Since Ransomware attacks often exploit security flaws in a computer’s Operating System (like Windows 10 or Mac OSX), it is important to keep up to date with Security Patches. When a security flaw is discovered, criminals find ways to use that flaw to get malware (including Ransomware) onto our computers. Software creators will make software updates to patch the security hole and keep criminal out. However, once a patch is released the exploit becomes well known and more criminals will reverse engineer the patch to find the exploit and create more malware that uses it. That’s why it’s incredibly important to keep your system up to date with the latest security patches. If you own a Windows PC you might want to consider Y-Not Tech Services’ Gold Managed Service Plan which includes patch and update management so we can make sure you have the latest patches.
Don’t Click That Link
Ransomware, like other malware, often spreads through links in email and Social Media messages. Even if you have good Anti-virus, an up to date computer and a solid back up it’s best practice to avoid suspicious links. Before you click any link you should stop and think about it. Ask yourself these questions:
- Do I know the sender?
- Was I expecting a message from them?
- Where do I expect this link to take me?
Remember too, that the message might not actually be from who it claims to be from. Email senders can be spoofed and accounts could be compromised. Once you’ve thought about the link a bit it’s a good idea to Hover To Discover. Move your mouse over the link and let the cursor hover there without clicking on it. Then look at the bottom of your screen – you should see the Website Address the link will take you too. Take a good look at the link. You should be able to tell if the link is legitimate or not by what the address looks like. The more you examine links the better you’ll get at tell the good from the bad. Google has made a great quiz to test your knowledge – Click Here to take it.
So You Got Infected With Ransomware – Now What?
Yikes! Even though you did your best to avoid this situation, it’s happened! A Ransomware attack has made it onto your system. A quick response here will limit damages and help ensure a smooth recovery is possible. It’s all about damage control now. You’ll want to disconnect and shut down affected systems. Disconnect from the internet and your internal network to stop the infection from spreading. Then, power off the machine so that it won’t continue to encrypt files on the hard drive. This is time sensitive so I’d recommend something here that I normally wouldn’t – pulling cables. If you’re using a wired network pull out the ethernet cable (it’s usually blue and looks like a larger phone cable), then pull the power plug. Again, I don’t normally suggest this, but it might be the fastest way to stop the ransomware attack. The next course of action you take will depend on the particular strain of ransomware you got hit with. Some have decryptions available and some do not.
If you have questions or want Y-Not Tech Services’ assistance in setting up protection against Ransomwarebook an appointment using the button below:
