The ransomware epidemic keeps running rampant. It targets more and more businesses, rendering valuable files inaccessible through the use of strong cryptosystems. Crooks also steal data and threaten to publish it.
This segment of cybercrime constitutes a huge underground economy. According to an investigative report, a single ransomware strain called Cerber may generate revenue of about $2 million.
After several years of attacking organizations of various types, today, we see that some ransomware gangs return to targeting home users.
Over the years, ransomware viruses have acquired rather sophisticated code, which significantly complicates the fight against them. It may take several years to crack the strong crypto algorithms they use. A working decryption utility can be created only if the authors of the virus made a mistake in it or, alternatively, if the cryptographic keys fell into the hands of security experts or law enforcement agencies.
How can ordinary users counter such a powerful adversary? Believe it or not, prevention is a no-brainer in most cases. Importantly, it does not necessarily imply any expenditures. Below is a list of worthwhile security practices to stay on the safe side free of charge.
Enhance your spam protection
Ransomware authors leverage botnets to generate big volumes of spam and thus spread their harmful loaders. Thankfully, most modern email systems have modifiable anti-spam features. Consider customizing your spam filter settings. Crank them up a bit so that virus-tainted emails do not make it into your inbox.
Filter email extensions
Most ransom Trojans arrive as booby-trapped email attachments. Therefore, it is a good idea to configure your email system to block incoming messages with potentially harmful content on board. These include files with the following extensions: .exe, .js, .zip, .rar, .docm, .rtf, .vbs, .scr, .bat, .cmd, and .pif. Any attachment that executes commands or activates malicious MS Office macros should be off limits. So, it is high time for you to adjust your email security settings.
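The extension check described above can be expressed as a small filter. This is an added example, not code from the original article; the sample message and its addresses are constructed, and the trailing-dot normalisation is an extra step beyond what the article lists.

```python
import email
import os
from email import policy
from email.message import EmailMessage

# Extensions the article lists as ones to block.
BLOCKED = {".exe", ".js", ".zip", ".rar", ".docm", ".rtf", ".vbs",
           ".scr", ".bat", ".cmd", ".pif"}

def blocked_attachments(raw_bytes):
    """Return [(filename, extension)] for each MIME part with a blocked extension."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    hits = []
    for part in msg.walk():              # walks nested multiparts as well
        name = part.get_filename()
        if not name:
            continue
        # Windows ignores trailing dots and spaces, so "a.scr. " still opens as .scr.
        cleaned = name.strip().rstrip(". ").lower()
        # Only the last extension counts, which catches "invoice.pdf.exe".
        ext = os.path.splitext(cleaned)[1]
        if ext in BLOCKED:
            hits.append((name, ext))
    return hits

def build_sample():
    """Constructed test message, not real mail."""
    m = EmailMessage()
    m["From"] = "billing@example.test"
    m["To"] = "user@example.test"
    m["Subject"] = "Invoice"
    m.set_content("See attached.")
    for fname in ("photo.jpg", "invoice.pdf.EXE", "report.docm",
                  "notes.txt", "scan.scr. "):
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename=fname)
    return m.as_bytes()

if __name__ == "__main__":
    for name, ext in blocked_attachments(build_sample()):
        print(f"block {name!r} ({ext})")
```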
Add Software Restriction Policies
As opposed to normal applications, ransomware processes tend to launch from AppData, LocalAppData, UserProfile, or Temp paths on host systems. By setting the appropriate Software Restriction Policy under Local Group Policy Editor, you can make sure nothing malicious executes out of these directories.
Having contaminated a Windows computer, most ransomware programs will attempt to delete Shadow Volume Copies by running the ‘vssadmin.exe Delete Shadows /All /Quiet’ command. This way, the infection prevents victims from restoring previous versions of their files. Therefore, it is strongly recommended to assign the vssadmin.exe process a different name so that ransomware cannot thwart this vector of data recovery.
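Both behaviours described above, launching from user-writable directories and deleting shadow copies, can also be watched for in process-creation logs. The following is an added example, not part of the original article; the event fields (id, image, cmdline) and the sample events are constructed assumptions.

```python
import re
from pathlib import PureWindowsPath

# Shadow-copy deletion as quoted in the article; case and spacing vary in practice.
VSS_DELETE = re.compile(r'vssadmin(\.exe)?"?\s+delete\s+shadows', re.I)
EXEC_EXT = {".exe", ".scr", ".pif", ".bat", ".cmd", ".js", ".vbs"}

def user_writable_launch(image):
    """True if an executable sits in AppData, a Temp folder, or the profile root."""
    p = PureWindowsPath(image)
    if p.suffix.lower() not in EXEC_EXT:
        return False
    parts = [s.lower() for s in p.parts]
    if "users" in parts:
        rest = parts[parts.index("users") + 2:]   # below C:\Users\<name>
        # Profile root itself, or anything under AppData (Roaming, Local, Local\Temp).
        return len(rest) == 1 or (bool(rest) and rest[0] == "appdata")
    return "temp" in parts[:-1]                   # e.g. C:\Windows\Temp

def triage(events):
    """Return [(event id, finding)] for the two behaviours the article names."""
    findings = []
    for ev in events:
        if VSS_DELETE.search(ev["cmdline"]):
            findings.append((ev["id"], "shadow-copy-deletion"))
        if user_writable_launch(ev["image"]):
            findings.append((ev["id"], "launch-from-user-writable-path"))
    return findings

# Constructed process-creation events for illustration.
SAMPLE = [
    {"id": 1, "image": r"C:\Program Files\Mail\mail.exe", "cmdline": "mail.exe"},
    {"id": 2, "image": r"C:\Users\alice\AppData\Local\Temp\inv_0412.exe",
     "cmdline": "inv_0412.exe"},
    {"id": 3, "image": r"C:\Windows\System32\vssadmin.exe",
     "cmdline": "vssadmin.exe Delete Shadows /All /Quiet"},
    {"id": 4, "image": r"C:\Windows\System32\cmd.exe",
     "cmdline": "cmd.exe /c VSSADMIN  delete  shadows /all /quiet"},
    {"id": 5, "image": r"C:\Users\alice\Documents\tool.exe", "cmdline": "tool.exe"},
]

if __name__ == "__main__":
    for event_id, finding in triage(SAMPLE):
        print(event_id, finding)
```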
Keep Windows Firewall enabled
Most ransomware specimens reach out to their Command and Control servers to obtain private crypto keys. However, Windows Firewall and second-opinion firewall solutions can intercept and block this type of traffic, preventing the infection from scrambling your data and thus making the compromise incomplete.
Exercise caution with remote services
A threat dubbed the Surprise Ransomware hit the headlines some time ago. The attackers reportedly abused the TeamViewer remote support app to manually execute the infection on computers. To avoid predicaments like that, be sure to set up multi-factor authentication for logging into remote access services.
Use reliable VPN services
As per VPNBrains, virtual private networks can hide your IP address from cyber crooks and make it very hard for them to target your data. Most often, criminals look for easier and more vulnerable targets. Besides, when you share anything or transfer data using a VPN service, that information is always encrypted and cannot be reached by malware authors. Some VPN services also blacklist and block suspicious URLs.
Do not forget about an antivirus tool
Present-day antiviruses are very complex tools. These are mature solutions that do not let most hackers penetrate your system. The research and tests published by AV-Comparatives.org can be considered the main indicator of antivirus quality. The top places are not occupied by paid versions alone; there are a lot of good free antiviruses. You can use free products from BitDefender, AVG or other top vendors.
Use strong passwords for all online accounts
A significant share of viruses may spread by guessing a password. Based on numerous reports on leaked passwords, the complexity of most passwords still turns out to be low today – at the level of “111111” or “password.”
Patch and update
Keep your operating system and all software updated. It is strange, but hackers manage to find old systems and exploit vulnerabilities that are several months or even years old.
Avoid downloading and installing applications from unknown sources
Download software only from official websites. In case you use Windows, whenever possible, download apps from the Microsoft Store. All apps in this marketplace have been verified by Microsoft and are free of malicious code.
Keep in mind that today smartphones can be infected with ransomware too. Some spy apps can lead to ransomware.
Do not use an Admin account
You can use a standard user account instead of an administrator account to prevent malware from being installed using elevated privileges.
Back it up
Finally, the rule of thumb is to maintain backups of important data that you cannot afford to lose. Thankfully, there are cloud services providing plenty of free storage space. Even a memory stick should suffice to keep extra copies of the most valuable files. Backups ensure an optimal security setup with no single point of failure.
These techniques are no panacea, but they can keep the majority of ransomware strains away from your computer. The best results can be achieved through a combination of highly effective software and specialized knowledge on how to avoid potential threats. Once again, it is difficult to overestimate the importance of data backups – that is your best Plan B imaginable. Remember that the best tool for protecting data and files is yourself. Typically, a device becomes infected with ransomware as a result of user actions, such as clicking on a link, opening an email, or installing software from an untrusted source.