Top 5 Ways To Prevent Ransomware Attacks
Ransomware is software developed to scramble infected computer systems, computers, tablets, or smartphones screen content or files so that data become unreadable. Hackers can then claim a ransom to unlock them. Last year, the number of such attacks tended to decline. But at the beginning of this year, there was an absolute explosion of this phenomenon, according to analysts from the cybersecurity firm WatchGuard. By the end of the first quarter, they had already counted twice as many as in the entire year of 2021. It is therefore crucial to learn how to protect yourself from it. Discover the 5 best ways to prevent a ransomware attack.
What is ransomware ?
Ransomware is a cyberattack in which hackers encrypt/lock their victims’ data to claim a ransom.
Most of the time, ransomware is secretly included in a phishing email attachment, a small program such as a macro, a file, or a device that can be connected to a computer, tablet or smartphone, such as a USB stick.
Often, the infection is discreet and goes unnoticed. You become aware of it only when the first anomalies appear. It can be file freezing, screen freezing, the sudden appearance of a window asking for money, or indicating that files are now inaccessible, or conversion of data into incomprehensible character strings.
Ransomware attacks can be particularly harmful, especially because new versions often include stronger encryption, and it becomes more difficult to avoid them. In addition, attackers don’t always settle after a first payment, but often ask for more. In some cases, they don’t even give the key to decrypt your data after the ransom is paid.
Hackers can demand widely varying ransoms. Often, they are only extorting a few hundred dollars. But increasingly, the attacks target specific victims. It is no longer random phishing campaigns, but spear-phishing campaigns that require extensive information gathering beforehand. In these cases nicknamed “big game hunting“, they can demand multi-million dollar ransoms. That’s why it’s more important than ever to do anything possible to prevent ransomware attacks.
There are two types of ransomware :
- Encrypting ransomware. It incorporates advanced encryption algorithms designed to make files unreadable. The victims are requested to pay to obtain the key that can decrypt the blocked content.
- Locker ransomware. Locker ransomware locks the victim out of the operating system, making it impossible to access the desktop and any apps or files. The victims have to pay to unlock their data.
5 tips to prevent ransomware attacks
Following these 5 tips will help you to avoid any ransomware infection:
1/ Make regular & multiple backups
Backups are by far the best way to protect yourself against ransomware attacks … as long as you do it efficiently.
For each backup, it is crucial to make several copies of your files and to keep them on different media. You should separately store each one of them in different locations. Ideally, one should be kept offline (on a secure external disk), and another one could be left on a secure and private cloud service.
Avoid leaving the backup media (e.g., external hard drive) connected to the computer system after a backup. In case of infection of this system, it would be included in the perimeter of the data affected by the attack, and your backup would be useless.
Read our tips to back up your data securely to be sure to make efficient backups!
2/ Use up-to-date software
Software updates often contain “security patches” intended to address vulnerabilities that hackers could exploit to launch cyberattacks (including ransomware attacks).
That’s why it’s essential to download updates for these software, devices, and peripherals immediately upon receiving notification of their existence. Because if you have received this notification, you’re not the only one… Now, hackers know there is a flaw in the device or software in question.
Another good idea is to restrict the programs installed on your computer or system to the bare minimum. Uninstall any unused software. Don’t forget to remove as well outdated plugins from your browser.
3/ Use the PoLP
To prevent ransomware attacks, you can also follow the PoLP (Principle of Least Privilege). It means splitting your device/computer system usage into two separate accounts:
- A standard account you’ll use on a daily basis, including the bare minimum functionalities;
- An admin account allowing you to access to the core of your device/IT system (to change settings, install or remove software, for instance). It’ll give you full operating privileges on the system, and you’ll log in to it only when you need to perform such tasks.
Since you will be connected more often to the first one, the damage will be more limited, in case of a ransomware attack.
4/ Avoid all spam
Many ransomware attacks are initiated by phishing, spear-phishing or whaling emails, or smishing. And it is often by downloading an attachment contained in these messages that victims allow the ransomware to break into their computer, phone, or computer system.
That’s why you should only open attachments and links issued from truly trusted sources. To make sure you follow this advice, avoid clicking on a link in an email. Even a seemingly innocent mention such as “click here to unsubscribe/unfollow” can hide dreaded ransomware. Instead, log on to the relevant website with the link you usually use.
5/ Say no to macros
Never open a Microsoft Office file containing macros without having obtained beforehand confirmation from the sender of the message that the file really comes from them and that these macros are not harmful.
If you have been the victim of a ransomware attack, you can consult these sources to try to get back your data :
- Check also this link for an extensive list of ransomware decryptors.
Don’t be over-optimistic, not all ransomware can be decrypted back! The harsh reality (like in most malware cases), is that they are difficult to reverse. Thus – as always, the golden key to prevention remains “being cautious” at all times.
It goes without saying that you should protect your device against malware with an antivirus. Unfortunately, the protection offered will be limited since an antivirus can only recognize malware already detected elsewhere. But at least you can avoid already known ransomware attacks, which is already a good thing.
It is useful to use a VPN when surfing on public Wi-Fi networks. Indeed, these networks offer no protection against hacking and are very popular with hackers for this reason. Using a VPN will prevent potential data interception that could be used to infiltrate your devices or computer system.
Virtual machines are mainly used to duplicate an IT system to test new software, use an old one, or run two separate operating systems. But they can also be used to prevent any attack from malicious software. In this respect, they can therefore help you avoid ransomware attacks. However, you should know that they are not always effective. Powerful ransomware can be particularly dangerous.
What can Mailfence do to prevent ransomware attacks?
To prevent ransomware attacks, we can help you improve the general security of your accounts and devices. Feel free to check our best tips to keep your account secure.
If you don’t already have one, why not complete your cybersecurity arsenal by opening a Mailfence account? Not only will you benefit from a high quality email account using powerful features such as end-to-end encryption, digital signatures, and 2FA, but you will also be able to use the tools of our office suite included in the package:
- A calendar with polls and groups management,
- A contact management tool,
- A chat service,
- A document storage and management tool, including 500 MB of storage for your files in the free plan
All are secure and private, meaning you’ll be able to work without unwanted attention and significantly minimize the cyber threats to your day-to-day activities. Click here to start with our Free plan now!
Share This Article
Salman works as an Information security analyst for Mailfence. His areas of interests include cryptography, security architecture and design, access control and operations security. You can follow him on LinkedIn @mohammadsalmannadeem