With the widespread problem that is WannaCry and NotPetya making the rounds of major news organizations, ransomware has gone mainstream. This means that anyone, even you, could be the victim of a ransomware attack. You need to start learning ransomware prevention tactics. Keep reading and I will teach you.
What is ransomware?
Ransomware uses encryption to lock up your computer. The ‘ransom’ aspect comes from the fact that the hackers will ask for something in return in order for you to regain control of your computer.
If I got the new ransomware virus I am 300% fucked, and I will cry. I can't pay that shit, and if I don't, I lose EVERYTHING.
— Sprite🖌 (@PBRMasterKai) July 13, 2017
It can be quite frustrating. Let’s look at the ransomware prevention tactics that you need to know.
Installing your updates
The two major ransomware attacks of late exploited vulnerabilities in Windows OS. The frustrating thing is that Microsoft had already patched the security holes that allowed the hackers in. Unfortunately, many had not patched the security holes.
Make sure to always update your:
- Operating system
- Antivirus software
- Other software and apps
Developers are often sending out these updates specifically for security reasons. They are doing the ransomware prevention work for you, all you have to do is download and install it.
Despite all my warnings & tips on avoiding it, boss got ransomware on his PC. I'll just be over here banging my head against the wall.
— KoHoSo™ (@KoHoSo) June 20, 2017
Prevent phishing attacks
One of the most common ways for hackers to do a ransomware attack is through social engineering. These types of attacks rely on you, the person, making a mistake rather than a technical failure in your computer.
This is commonly done through what is known as a phishing attack:
- The hacker sends an email to their target.
- An attachment is sent along with the email that is infected with ransomware.
- Text in the email, as well as the heading, will make it seem like the email is legitimate.
- User will be urged to open the attachment where the ransomware attack will launch from.
- The files will typically be in MS Office files, or compressed.
If you do this, your files will start to get encrypted and you will start losing control of your computer.
The best defense against a ransomware attack in this instance is your instincts. If there is some sort of call to action to open it that you don’t trust, don’t open it. This even applies if the email comes from someone you trust, email spoofing is another common tactic used by hackers.
— Syncretic (@SyncreticInc) June 9, 2017
Ransomware prevention using encryption to your advantage
Hackers use encryption in order to execute a ransomware attack. You can turn the tables on them and use encryption to your own advantage:
- Full disk encryption: Using the full disk encryption option that comes with your OS will prevent ransomware from being able to install itself. You can do this with both Windows and Mac OS. It is not a 100% failsafe solution, but it is a ransomware prevention tactic as it makes it more difficult for a hacker.
- VPN use: As I was just discussing above, social engineering is a way that hackers gain access to your machines in order to do a ransomware attack. One of the ways that they do this is by getting you to connect to fake Wi-Fi that they control. They will either ask for a username and password to steal and try to use against you, or they will sniff your traffic and steal your data that way. Using a VPN prevents this thanks to the fact that it encrypts your connection.
Encryption is the tool which hackers use against you. Knowing how to use it to your advantage can protect you from a ransomware attack.
Keep your machine clean
Every operating system, and every piece of software, is going to come with features you do not need. Many of these features will open up ports and Internet connections. Each connection to the Internet is another vulnerable target for a hacker to attack with ransomware.
In the case of NotPetya and WannaCry, anyone who had disable the Windows file and printer sharing would not have been attacked with the ransomware. Every feature that you do not use should be disabled. This applies to:
- Browser extensions
- Software you no longer use
- Mobile apps you don’t use
Another part of keeping your machine clean is not disabling firewall or antivirus software. Many people disable these features in order to prevent ‘annoying’ pop-ups. Trying to get past these annoying pop-ups could result in the annoyance of ransomware on your computer.
Back up your most important files
The best way to recover your files lost through a ransomware attack is to already have a backup of them somewhere else. If your ransomware prevention tactics fail, and you do suffer an attack, there’s no guarantee that paying the attackers will mean that your files are released.
Here are some proper file backup tactics:
- Off-line backups: Most ransomware is sophisticated enough to scan your computer and encrypt everything it finds. Back up your most important files on an external hard drive, or thumb drive.
- Don’t use shared folders: Many varieties of ransomware attacks are designed to spread across networks, including shared folders.
- Cloud backups: Cloud backups, such as Google Drive, are a cloud storage option if you do not map it to a local folder or drive on your computer.
The worst case scenario is doing all of these ransomware prevention tactics, still getting attacked, paying your attacker, and then not getting your files back. Having backups can prevent this from being an issue in the first place.
i heard someone got ransomware and paid $10k to get his files back but a bunch of them were still encrypted lmao
— 🍉Xevli🍉 (@Xevlii) July 4, 2017
Creating limited user accounts
Setting up a limited user account for your daily use will help prevent a ransomware attack from getting to all of your files. It does this by making the commands that are limited unavailable to the ransomware. It can be annoying because you will also not have access to it, but you can switch over to your administrator account when needed.
The main point of this is to limit the number of files that the ransomware attack can encrypt. It will also help prevent the spread across your computer, and across your network.