There’s a real possibility that your computer can get infected with ransomware. Ransomware is the most frequently used form of malware today. You’ve probably heard about it in the news. But, do you know how to protect yourself from ransomware? We’ll tell you here.
You must take ransomware seriously, educate yourself about all the ways your computers could get infected, and the steps you should take to prevent it from landing on your computers in the first place. You can do this with security tools provided by your IT company and by practicing safe internet browsing and email use.
Ransomware encryption denies access to your computer system or data until you pay a ransom. You can get ransomware from phishing emails or by going to an infected website and getting the virus from there. When you get ransomware, malicious software will lock down your computer’s files unless you agree to pay.
According to a Q4 2018 Global Ransomware Marketplace Report, the average ransom increased by 13% to $6,733 in Q4 2018 compared to Q3’s $5,973. Bitcoin is still the most popular currency demanded by ransomware attackers, at 98%.
If you visit an infected website, you could unknowingly download a ransomware virus to your computer. Or a phishing email might trick you into clicking on a malicious link or attachment that downloads a ransomware virus into your computer.
Phishing emails are designed to appear as though they’ve been sent from a person who you know. They will try to entice you into clicking on a link or opening an attachment containing malicious code. After the code is run, your computer is infected with malware.
There’s more than one kind of ransomware. Viruses like CryptoLocker, CryptoWall, Locky, WannaCry, Petya, NotPetya, Crypto, Bad Rabbit, Eternal Blue and more are designed to deny access to your data or network until you pay a ransom.
The WannaCry and Petya ransomware viruses spread via a vulnerability in Microsoft’s Server Message Block (SMB) network file-sharing protocol that’s widely used. It helps your computers connect to other computers and devices like printers.
Ransomware falls into three categories: Encrypting Ransomware, Scareware and Screen Lockers.
1. Encrypting Ransomware
This is a virus that locks down your files by encrypting them. There’s no software available that can unlock your files when this happens. The criminals who send the encrypting ransomware will demand a ransom to decrypt your files. Even if you pay the ransom, you still might not get your files back.
Scareware uses rogue security software and tech support scams to entice you. When this happens, you’ll get a pop-up message on your computer claiming that it’s infected with malware. But you should ignore this because your files are just fine. However, If you do ignore it, you’ll continue to get this pop-up message.
3. Screen Lockers
If you get this type of ransomware, you’ll be locked out of your computer. You’ll see a message posing as the FBI or Department of Justice saying that you must pay a fine because illegal activity was detected on your computer. Don’t pay this “fine.” The FBI or DOJ would never freeze your computer or demand payment. So, don’t take the bait.
It wasn’t until 2014 and the height of the infamous CryptoLocker that ransomware started showing up on mobile devices. Mobile ransomware typically displays a message saying your device has been locked because of illegal activity. It says that you must pay a fee to unlock your device.
You can get mobile ransomware when you download malicious applications. To remove it you should start your mobile device in safe mode. Then you must find the malicious app and delete it.
The best way to protect your computers from ransomware is to prevent it from infecting them in the first place. Here are some ways that you can protect yourself from getting ransomware:
Today’s modern firewalls are built to defend against ransomware. The right firewall and Intrusion Prevention System (IPS) helps to prevent viruses from getting into your computers.
Your IT company should implement a next-generation firewall with Intrusion Prevention Systems (IPS). These can keep ransomware threats from getting into your network and stop them from self-propagating and infecting other computers and systems.
An IPS collects the malicious traffic coming into your network and only lets the clean traffic through. It also performs what’s called deep packet inspection of your network traffic to detect exploits and stop them before they reach any of your computers. The IPS monitor for and identify suspicious activity, logs the data, attempts to block it, and reports it to your IT services company.
This right IPS uses a tactic called sandboxing. It puts malicious programs in a separate place, so they can’t spread throughout your network. Ransomware like WannaCry and Petya spread like worms; they can lurk in files like Microsoft Office documents, a pdf, or updates for applications. Hackers can make these files appear valid and hide the malware. This is why sandboxing is essential for any IPS.
Ask your IT Services Company to:
Using VLANs allows your computer to communicate through a virtual environment to protect it from any ransomware or other viruses that may be circulating in your network. Extending VLANs or zones into your firewall takes security to the next level.
Need more information about protecting yourself from ransomware? Check out these articles:
Author: Joe Martin, Date: 2019-04-20