Ransomware is a type of malware that prevents you from either accessing your computer or the data stored on it. The computer itself may become unusable, or the data stored on it might be stolen, deleted or encrypted. Some ransomware will also try to spread to other machines on the network to maximise damage to your environment. Once the environment has become infected, a message demanding payment will appear on the screen. The criminals often ask to be paid in a cryptocurrency in an attempt to stay anonymous.
‘To pay or not to pay’
It is not advisable to pay ransoms. Ransoms are often expensive and there are no guarantees the attackers will give you the key to decrypt your files or release your computer. By paying the ransom you are also creating a market which can be lucrative to the criminals. This encourages an endless cycle of more of the same type of attacks.
‘Prevention is better than the cure’
Since there is no way to completely protect from this attack using one method, a defence-in-depth approach is ideally the best strategy to employ (see post https://insights.3bdatasecurity.com/post/102gcgn/defence-is-a-castle-build-yours-now for further information on the concept). Below are some useful tips to help safeguard you from an attack:
Tip 1 - Train your employees and educate yourself
Often ransomware attacks can be tracked back to poor cybersecurity practices. Being familiar with the different attack vectors associated with ransomware should help you to recognise a potential attack before it’s too late. Get in the habit of sharing useful information with friends, families and co-workers and help protect them too!
Tip 2 - Keep software updated or patched
Malware often looks to take advantage of bugs or security loopholes within a computer’s operating system. It is essential to ensure software is kept up to date to stop this being exploited. Having a plan in place to routinely update your software will enable you to get into a habit of doing this basic security task.
Tip 3 - Prevent malware from running on your devices
Only permit the running of applications from trusted locations and implement an application allow-list to your devices. This will only permit certain applications from running in your environment and stop unrecognised applications from executing; a good way to keep you protected.
Tip 4 - Prevent malware from being delivered to devices
Reduce the likelihood of malicious content reaching your network by installing a solution to block known malicious websites, filter out the ability to receive certain file types, and actively inspect content. There are many different tools available to perform these actions but this does require some research. If you are unsure, always ask!
Tip 5 – Backup your data
Make sure you have multiple copies of your data stored ‘offline’ and these are kept separate from your network. Regularly test to see if you can restore from your backup solution and that the process works. Never rely on one method of backups. This strategy will come in handy if you have fallen victim to an attack and will give you an option rather than engaging with criminals.
Smartwatch maker Garmin paid a multi-million dollar ransom to criminals who encrypted its computer files through a ransomware negotiation business called Arete IR, sources have told Sky News.