The internet can be a dangerous place and software viruses remain one of the top threats to both businesses and individuals. Over time, cybercrime has evolved with hackers getting more creative and persistent with their methods of attack.
The earliest forms of online viruses would infiltrate a computer and try to either damage or steal valuable data. These days, one of the most common versions of the crime is for a hacker to gain control of a system and hold its contents ransom through encryption while demanding a cash payment.
Many security experts recommend not paying a ransom demand because in many cases the data is never decrypted. FedEx decided not to protect themselves or pay the hackers. The company ended up spending $300 million for downtime and to rebuild their system. If ever there was a poster child advising us to take this stuff seriously, this is it.
Here are the key strategies to prevent becoming a ransomware victim at home or at your organization.
Filter web traffic and email
The majority of ransomware attacks begin with a malicious email attachment or URL link. Often the hacker will look to imitate a popular company or bank in an effort to get you to install a piece of software or expose your username and password.
They may claim there is a problem with your account that requires you to click a link for immediate resolution. Once they have full access to your operating system, the rest of the attack begins.
To defend against this, strong web and email filtering tools should be installed and enabled. These will automatically warn you about suspicious messages or links and try to block them.
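To make the filtering step concrete, here is an added example (not from the original article or any specific product) of two checks a mail filter can apply: quarantine attachments by their final extension, and flag links whose visible text names one site while the link opens another. The extension blocklist, the helper names and the .test hosts are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.policy import default

# Assumed blocklist of attachment types a mail filter would quarantine.
RISKY_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".lnk", ".iso", ".docm", ".xlsm"}
LINK = re.compile(r'<a\s[^>]*href="https?://([^/"]+)[^"]*"[^>]*>(.*?)</a>', re.I | re.S)
HOSTLIKE = re.compile(r"(?:https?://)?((?:[\w-]+\.)+[a-z]{2,})", re.I)

def scan_message(raw):
    """Return a list of reasons to quarantine a raw RFC 5322 message."""
    findings = []
    for part in message_from_string(raw, policy=default).walk():
        name = part.get_filename()
        if name:
            # Judge by the final extension, so "invoice.pdf.exe" is an .exe.
            ext = "." + name.lower().rsplit(".", 1)[-1] if "." in name else ""
            if ext in RISKY_EXT:
                findings.append(f"risky attachment: {name}")
        elif part.get_content_type() == "text/html":
            for host, text in LINK.findall(part.get_content()):
                shown = HOSTLIKE.search(text)
                # Visible text names one site, the href goes to another.
                if shown and shown.group(1).lower() != host.lower():
                    findings.append(f"link shows {shown.group(1)} but opens {host}")
    return findings

def build_sample(href_host, filename):
    """Constructed test message; all hosts use the reserved .test TLD."""
    m = EmailMessage()
    m["From"] = "Example Bank <support@example-bank.test>"
    m["Subject"] = "Problem with your account"
    m.set_content("Please view the HTML version.")
    m.add_alternative(
        f'<p>Resolve it now: <a href="http://{href_host}/reset">'
        "https://www.example-bank.test</a></p>", subtype="html")
    m.add_attachment(b"constructed placeholder bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_string()

if __name__ == "__main__":
    for reason in scan_message(build_sample("login.example-phish.test", "invoice.pdf.exe")):
        print("QUARANTINE:", reason)
```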
Of course, you can’t keep all spam out, so employees should be trained on how to react to suspicious emails that land in their inbox.
Ransomware is especially dangerous because all it takes is one individual performing a single click on a bad link or opening an attachment. From there, the hacker can spread the virus to other systems on the network and potentially damage an entire company or organization.
Leverage machine learning tools
While hackers are getting more creative, so are malware detection tools. Thanks to the power of machine learning and artificial intelligence, these software algorithms can learn to identify the latest forms of ransomware and alert you when one hits your computer.
Early detection of a ransomware virus is critical, because it may give you time to disconnect from the internet and stop it from harming your data. Machine learning is also good at identifying patterns of dangerous network activity, which can help to strengthen your firewall and block attacks at their source.
AI security tools work best when they have a large set of historical data to digest and analyze. Their algorithms use that information to set a baseline of what constitutes normal activity on your computer and network. Ransomware attacks can then be easily flagged as anomalies since they involve a rapid modification to system files from an external source.
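The baseline-then-anomaly idea can be shown with a much simpler statistic than a trained model. The following added example (not from the original article or any vendor's tool) learns a per-process "file writes per 10 seconds" threshold from historical events and then flags a process that rewrites files far faster than anything seen before. The event format, process names, window size and sample data are all constructed assumptions.

```python
from collections import deque
from statistics import mean, pstdev

WINDOW = 10  # seconds per counting window (assumed value)

def window_counts(stamps, window=WINDOW):
    """File writes per consecutive window, empty windows included."""
    start = min(stamps)
    counts = [0] * ((max(stamps) - start) // window + 1)
    for t in stamps:
        counts[(t - start) // window] += 1
    return counts

def learn_threshold(history, k=3.0):
    """Baseline from (ts, process, path) history: the larger of the busiest
    window ever seen and mean + k standard deviations."""
    by_proc = {}
    for ts, proc, _path in history:
        by_proc.setdefault(proc, []).append(ts)
    counts = [c for s in by_proc.values() for c in window_counts(s)]
    return max(max(counts), mean(counts) + k * pstdev(counts))

def detect_bursts(events, threshold, window=WINDOW):
    """Alert once per process when its writes inside a sliding window
    exceed the learned threshold."""
    recent, alerts = {}, []
    for ts, proc, _path in sorted(events):
        q = recent.setdefault(proc, deque())
        q.append(ts)
        while ts - q[0] >= window:
            q.popleft()
        if len(q) > threshold and not any(a[1] == proc for a in alerts):
            alerts.append((ts, proc, len(q)))
    return alerts

# Constructed history: an editor autosaving every 20 s, a sync tool writing 4 files at once.
HISTORY = [(t, "editor.exe", "report.docx") for t in range(0, 600, 20)]
HISTORY += [(t, "sync.exe", f"photo{t}.jpg") for t in (100, 101, 102, 103, 400, 401, 402, 403)]

# Constructed live feed: normal activity plus one process rewriting 40 documents in 4 s.
LIVE = [(1000, "editor.exe", "report.docx"), (1020, "editor.exe", "report.docx")]
LIVE += [(1010 + i, "sync.exe", f"photo{i}.jpg") for i in range(4)]
LIVE += [(1030 + i // 10, "invoice_viewer.exe", f"doc{i}.docx") for i in range(40)]

THRESHOLD = learn_threshold(HISTORY)
ALERTS = detect_bursts(LIVE, THRESHOLD)

if __name__ == "__main__":
    print("threshold:", THRESHOLD)
    for ts, proc, n in ALERTS:
        print(f"ALERT t={ts}s {proc}: {n} writes in {WINDOW}s")
```

The sync tool's burst of four writes matches the baseline and stays quiet, while the unknown process trips the alert on its fifth write, early enough to isolate the machine before most files are touched.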
Use a VPN to encrypt communication
When you connect to the internet from a computer, do you think about the security level of the network you are using? You should. The internet service provider (ISP) connection from your home or office is (hopefully) secured, but working remotely or using public wi-fi greatly increases your risk.
Hackers have figured out how to manipulate a public wi-fi router and use it to intercept traffic or inject ransomware viruses. The best form of protection is a virtual private network (VPN) client, which creates a safe data tunnel between your computer and the internet.
VPN clients rely on a complex method of encryption that makes the connection both anonymous and reliable. Even if a hacker manages to infiltrate the local network you are using, a VPN client will keep you safe from ransomware because your data cannot be decrypted by outsiders.
Have a data recovery system ready
In the worst-case scenario, a ransomware virus launched onto your computer will block you from accessing any of your internal hard drive data. If this happens, the first thing to do is disconnect the computer from the internet.
Most experts agree that ransomware victims should never pay the money hackers demand since there is a low chance that the attacker will actually restore access to the data. Instead, the smart move is to wipe the computer’s hard drive entirely and revert to the most recent backup prior to the infection.
Since there is a chance that a ransomware virus can be spread quickly to other workstations and servers on a local network, you should aim to have redundancy in your backup policy. Cloud backup solutions offer a reliable, affordable, and increasingly popular way to store copies of critical data.
Don’t forget about other devices
When discussing ransomware attacks and reading about them in the news, they are most often associated with Windows PCs in an office environment. However, in reality, hackers are looking to distribute this type of malware across many different devices and operating systems.
Mac and Linux users, despite those platforms' excellent reputations for security, should still be on alert for potential ransomware threats, and the same goes for anyone who uses a tablet or smartphone. Ransomware attacks can be executed on any of these devices, essentially hijacking all of the information on them and rendering them unusable.
Final thoughts and best practices
As more and smarter devices make their way into our homes, keeping them all secure becomes a major challenge. The best practice is to only enable external internet access for machines that absolutely require it. To summarize, here are the best practices to prevent ransomware:
- Back up all your data regularly and religiously, to both a cloud service and a hard drive.
- Be careful when you open any unsolicited emails asking you to click on a link or download a file.
- Do not disclose personal information in emails, unsolicited phone calls or text messages.
- Keep your firewall, antivirus software and system software up to date. Set your operating system to automatically update.
- Install content scanning and filtering on your mail servers to block any attachment that could pose a threat.
- Track all the devices connected to your system, especially in an organization.
- Reinforce the security of your local network to make sure the next popular attack doesn’t have the chance to corrupt any of your devices.
- Have a disaster plan in case of an emergency when data is unavailable.
- Create awareness in your organization to recognize entry points for ransomware.
- Do not pay the ransom, because it only encourages the attackers.