Are you tired of hearing the warning bells about ransomware yet? It seems to be in the headlines every day. But this isn’t just some internet hoax or overinflated issue gabbed about for the sake of news. It’s a legitimate and growing problem that keeps proliferating, even though internet and email users should know better by now. While savvy users can generally spot a malicious email or website, there are still plenty who are blind to the obvious errors that are the tells of poor hacking attempts. Detection is getting harder even for experts now that hackers have wised up and are making more convincing phishing content. What can you do to keep from becoming a victim?
The researchers at the Carnegie Mellon Software Engineering Institute recently released an article that gives some sound advice.
The single most effective deterrent to ransomware is to regularly back up and then verify your system.
More recent ransomware attacks have not only encrypted data files but also Windows system restore points and shadow copies, which could be used to partially restore data after a ransomware attack. Backups should be stored on a separate system that cannot be accessed from a network and updated regularly to ensure that a system can be effectively restored after an attack.
Other effective mitigation strategies include the following steps:
Educate employees. Like other malware, ransomware often infects a system through email attachments, downloads, and web browsing. Organizations should conduct regular training to help employees avoid common malware pitfalls.
Conduct regular data backups. This bears repeating. Conduct regular backups of your system and store the backups offline and preferably offsite so that they cannot be accessed through your network. (For ransomware, offline is more important. For other events, offsite is more important.)
On a separate-but-related front, it is also important to regularly verify the data backup process to ensure backups are capturing all necessary data and that the restore process works in your environment. At a home/personal level, back up important files as they are modified and be sure that backup media (thumb drives, external hard drives) are not left connected to any networked device. Periodically check that the files can be accessed from the backup device. You don’t want to discover that it is defective at the point you need to restore data from it. It is also important to point out that popular online backup solutions may also be vulnerable to a ransomware attack, as the backed-up data may be overwritten with a newer version that is already encrypted by ransomware.
Restrict code execution. If ransomware is designed to execute from temporary and data folders, but it cannot access these folders due to access control, that could be a successful roadblock to data encryption.
Restrict administrative and system access. Some strains of ransomware are designed to use a system administrator account to perform their operations. With this type of ransomware, decreasing user accounts and terminating all default system administrator accounts can create an extra roadblock.
Maintain and update software. Another important yet basic rule for protecting against and/or ensuring early detection of ransomware is to maintain and update software, in particular security and anti-malware software.
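The backup verification described above (confirm the backup captures all necessary data, that files can be read from the backup device, and that a copy has not been overwritten by an already-encrypted version) can be automated. The following is an added example, not code from the SEI article or from Great Lakes Computer; the function names, the JSON manifest format and the 7.5 bits-per-byte entropy cut-off are assumptions made for illustration.

```python
import hashlib
import json
import math
from collections import Counter
from pathlib import Path

# Assumed cut-off in bits per byte; encrypted data sits close to 8.0.
ENTROPY_THRESHOLD = 7.5


def sha256_and_entropy(path: Path) -> tuple[str, float]:
    """Read the whole file (proving it is readable) and return hash and byte entropy."""
    digest, counts, total = hashlib.sha256(), Counter(), 0
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
            counts.update(chunk)
            total += len(chunk)
    entropy = -sum(c / total * math.log2(c / total) for c in counts.values()) if total else 0.0
    return digest.hexdigest(), entropy


def write_manifest(source_root: Path, manifest: Path) -> None:
    """At backup time: record a hash for every file the backup must contain.
    Keep the manifest away from the machine being backed up."""
    entries = {p.relative_to(source_root).as_posix(): sha256_and_entropy(p)[0]
               for p in sorted(source_root.rglob("*")) if p.is_file()}
    manifest.write_text(json.dumps(entries, indent=2))


def verify_backup(backup_root: Path, manifest: Path) -> dict[str, list[str]]:
    """Periodic check of the backup media; returns problem files grouped by kind."""
    report = {"missing": [], "unreadable": [], "changed": [], "changed_high_entropy": []}
    for rel, expected in json.loads(manifest.read_text()).items():
        target = backup_root / rel
        if not target.is_file():
            report["missing"].append(rel)
            continue
        try:
            digest, entropy = sha256_and_entropy(target)
        except OSError:
            report["unreadable"].append(rel)  # defective media shows up here
            continue
        if digest != expected:
            # A changed copy that now looks like random bytes may be an encrypted
            # overwrite; compressed formats also score high, so review by hand.
            kind = "changed_high_entropy" if entropy >= ENTROPY_THRESHOLD else "changed"
            report[kind].append(rel)
    return report
```

Run `write_manifest` when the backup is taken and `verify_backup` each time the backup media is reconnected; any entry under `missing`, `unreadable` or `changed_high_entropy` means that backup should not be trusted for a restore until it has been checked.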
I encourage you to read this article in its entirety here.
Great Lakes Computer Corporation can help you protect your data. We offer highly rated antivirus software to help detect and remove threats. We also offer a robust backup and recovery platform that can ensure your data is safe. We want you to be certain that in the event of a ransomware attack your data will be restored to a recent backup, quickly and efficiently. If you’re interested in learning more, read our ransomware case study.