Top 5 ways to protect your device from ransomware

protect your device from ransomware

In our last blogpost, we talked about botnets and how to prevent your device from becoming a zombie. We now discuss one of the most severe and prevalent forms of attack that cyber criminals perform using their botnets i.e. Ransomware.

What is ransomware

Ransomware is a cyberattack in which hackers encrypt/lock victims’ data until they pay a ransom. There are two types of ransomware that are currently affecting systems around the globe.

Encrypting ransomware:

It incorporates advanced encryption algorithms designed to block system files. The victims are requested to pay in order to obtain the key that can decrypt the blocked content. Examples include CryptoLocker, Locky, CrytpoWall and more.

Ransomware Crypto Cryptolocker

> A snapshot of cryptoLocker prompt

Locker ransomware:

Locker ransomware locks the victim out of the operating system, making it impossible to access the desktop and any apps or files. The files are not encrypted in this case, but the attackers still ask for a ransom to unlock the infected computer. Examples include the police-themed ransomware or Winlocker.

Ransomware locker

> Police themed ransomware prompt

Rise in reach and impact:

Ransomware discoveries

Source: CERT.RO

In 2013, about 1,200 people said they were victim of ransomware. Between January and March 2016, the IT security institutions already had recorded more than 700 cases, resulting in about $9.39 million in losses. This estimation not only include the ransom money but also the cost of replacing computers and implementing stronger cybersecurity in the aftermath of an attack.

Ransomware attacks can be particularly harmful, especially because new versions often include stronger encryption. In addition, the attacker doesn’t settle after a first payment but often asks for more. In some cases they don’t even give the key to decrypt your data.

How to protect your device from ransomware:

Following 5 points will help you to protect your device from ransomware:

  1. Make regular backups and store them separately on different locations. Ideally one should be kept offline (on a secure external disk) and the other on a secure and private cloud service.
  2. Use up-to-date software and apply security patches on timely basis. Remove outdated plugins from your browser. Only use Adobe Flash, Adobe Reader, Java and Silverlight plugins if you absolutely have to.
  3. Use a guest account with limited privileges for daily/common use and an administrator account for dedicated purposes.
  4. Attachments and links should only be opened from truly trusted sources. Any spam links, content – even when it says ‘click here to unsubscribe/unfollow, …’ must not be clicked.
  5. If a you’ve been asked to run macros on a Microsoft Office file then your definite answer should be ‘No’.

Now even after this, if you become a victim of ransomware – then following links might help you in getting your data back !

Check this link for an extensive list of ransomware decryptors.

Note: Not all ransomware’s  can be decrypted back!

Check our tips on online privacy as well.

The harsh reality (like in most malware cases), is that they are difficult to reverse. Thus – as always, the golden key of prevention remains “being cautious” at all times.

Get your secure email!

Mailfence – a secure and private email service. Follow us on twitter/reddit and keep yourself posted at all times.

– Mailfence Team


Spread the word !

M Salman Nadeem

Information Security Analyst
– Security Team | Mailfence

You may also like...

2 Responses

  1. Public note | for Windows OS users, concerning 12/13 May-2017 WannaCry Ransomware outbreak:
    – If you haven’t patched your system yet, we urge you to update your Windows environment(s) as described in Microsoft Security Bulletin MS17-010 – Critical. For those using older versions of Windows, Microsoft has provided Customer Guidance for WannaCrypt attacks and has made the decision to make the Security Update for platforms in custom support only.
    – Mailfence Team

  1. January 4, 2017

    […] Protect yourself from ransomware – 3 min read […]

Leave a Reply

Your email address will not be published. Required fields are marked *