With the widespread problem that is WannaCry and NotPetya making the rounds of major news organizations, ransomware has gone mainstream. This means that anyone, even you, could be the victim of a ransomware attack. You need to start learning ransomware prevention tactics. Keep reading, and I will teach you.
What is ransomware?
Ransomware uses encryption to lock up your computer. The ‘ransom’ aspect comes from the fact that the hackers will ask for something in return in order for you to regain control of your computer.
I got ransomware on my computer that shit scary as fuck
— beck (@pilgrim_beats) November 26, 2018
It can be quite frustrating. Let’s look at the ransomware prevention tactics that you need to know.
Installing your updates
The two major ransomware attacks of late exploited vulnerabilities in Windows OS. The frustrating thing is that Microsoft had already patched the security holes that allowed the hackers in. Unfortunately, many had not patched the security holes.
Make sure always to update your:
- Operating system
- Antivirus software
- Browsers
- Other software and apps
Developers are often sending out these updates specifically for security reasons. They are doing the ransomware prevention work for you; all you have to do is download and install it.
Just got a ransomware email off some cretin demanding o send him bitcoin or he was going to release videos of me.. wow I'm so scared ?
— Claire ? (@clairepear_) January 21, 2019
Prevent phishing attacks
One of the most common ways for hackers to do a ransomware attack is through social engineering. These types of attacks rely on you, the person, making a mistake rather than a technical failure in your computer.
This is commonly done through what is known as a phishing attack:
- The hacker sends an email to their target.
- An attachment is sent along with the email that is infected with ransomware.
- Text in the email, as well as the heading, will make it seem like the email is legitimate.
- The user will be urged to open the attachment where the ransomware attack will launch from.
- The files will typically be in MS Office files or a compressed format.
If you do this, your files will start to get encrypted and you will start losing control of your computer.
The best defense against a ransomware attack in this instance is your instincts. If there is some sort of call to action to open it that you don’t trust, don’t open it. This even applies if the email comes from someone you trust; email spoofing is another common tactic used by hackers.
Careful people. I just got this email but @Netflix isnt connected to this email address. Phishing for info. Dont click if you get!! pic.twitter.com/jq2biCnkTB
— Justin Fischer (@FozzyFiend) January 23, 2019
Use encryption to your advantage
Hackers use encryption to execute a ransomware attack. You can turn the tables on them and use encryption to your own advantage:
- Full disk encryption: Using the full disk encryption option that comes with your OS will prevent ransomware from being able to install itself. You can do this with both Windows and Mac OS. It is not a 100% failsafe solution, but it is a ransomware prevention tactic as it makes it more difficult for a hacker.
VPN use: As I was just discussing above, social engineering is a way that hackers gain access to your machines in order to do a ransomware attack. One of the ways that they do this is by getting you to connect to fake Wi-Fi that they control. Either they will ask for a username and password to steal and try to use against you, or they will sniff your traffic and steal your data that way. Using a reliable VPN prevents this, thanks to the fact that aVPN encrypts your connection.
Encryption is the tool which hackers use against you. Knowing how to use it to your advantage can protect you from a ransomware attack.
Keep your machine clean
Every operating system, and every piece of software, is going to come with features you do not need. Many of these features will open up ports and Internet connections. Each connection to the Internet is another vulnerable target for a hacker to attack with ransomware.
In the case of NotPetya and WannaCry, anyone who had disabled the Windows file and printer sharing would not have been attacked with the ransomware. Every feature that you do not use should be disabled. This applies to:
- Browser extensions
- Software you no longer use
- Mobile apps you don’t use
Another part of keeping your machine clean is not to disable the firewall or antivirus software. Many people disable these features to prevent ‘annoying’ pop-ups. Trying to get past these annoying pop-ups could result in the annoyance of ransomware on your computer.
Back up your most important files
The best way to recover your files lost through a ransomware attack is to already have a backup of them somewhere else. If your ransomware prevention tactics fail, and you do suffer an attack, there’s no guarantee that paying the attackers will mean that your files are released.
Here are some proper file backup tactics:
- Off-line backups: Most ransomware is sophisticated enough to scan your computer and encrypt everything it finds. Back up your most important files on an external hard drive or thumb drive.
- Don’t use shared folders: Many varieties of ransomware attacks are designed to spread across networks, including shared folders.
- Cloud backups: Cloud backups, such as Google Drive, are a cloud storage option if you do not map to a local folder or drive on your computer.
The worst case scenario here is that you did all these ransomware prevention tactics, but you still get attacked; you paid your attacker, but you did not get your files back. Having backups can prevent this from being an issue in the first place.
Creating limited user accounts
Setting up a limited user account for your daily use will help prevent a ransomware attack from getting to all your files. It does this by limiting the commands that will be available to the ransomware. It can be annoying because you will also not have access to these commands, but you can switch over to your administrator account when needed.
The main point of this is to limit the number of files that the ransomware attack can encrypt. It will also help prevent the spread across your computer and across your network.