Almost all of us might have come across the term ‘Ransomware’ while surfing the Internet or reading the newspaper recently. Somewhere or the other, we all are worried that we might be the next victims of the so-called malicious software! But, just as there is a way out to all problems, we have a solution for this one too. This shall be discussed in the later part of the article. But before that, let us first understand what this Ransomware is and how it came into being one of the hottest topics being discussed these days.
Ransomware is a kind of spiteful software which, when present in a computer system, will deny access to the user of the system to use it further until he/she pays a sum of money as ransom to get rid of the attack. Ransomware is basically of two types, namely, the encryptors and the lockers. The encryptors are those that deny access to the user to use his files and when a ransom is paid, they provide the victim with a key that can decrypt everything that has been blocked. The lockers, on the other hand, lock the user out of his system rendering him unable to access the desktop as a whole. No files are encrypted in this case, but even then a ransom is demanded. The software attacks the system when one unintentionally visits a malicious website or when it is sent as an attachment within spammed emails.
Ransomware makes use of several evasion strategies that make it difficult for anti-virus softwares and researchers to catch them. You will get to know that you are just another victim of this software only once your computer screen shows a full-screen image or notification that will display you the details of the ransom you need to pay in order to decrypt the files. You will not be able to use your system until you pay the amount. There might also be a case when you try to open a file and find out that you can no longer use it since it is encrypted.
How to Avoid the Attack?
Now that we have known enough of this software, let us discuss how we can prevent this malice from attacking us. The first step that one should initiate is taking a backup. You should take the backup of all important files that are present on your system. Also, keep checking whether you are able to restore your files or not. For taking a backup, you can use popular cloud services such as Amazon, Azure, Deego, Code 42 etc. Another option that you have is that of an external USB where you can keep all your files safe. In addition to this, you can make sure that you have a system in your organization that can read files on all other systems in the organization and the reverse case isn’t possible. Also, you need to ensure that this system is not connected to any external device.
Although it is difficult for anti-virus softwares to detect ransomware, you need to safeguard that you keep your anti-virus updated with the latest versions. This is a must in this ever growing insecure cyber world. There is a good chance that updating your anti-virus might protect you from the probable attack. Firewall, together with gateway antivirus, will help you prevent access to malware websites.
While sharing any sort of information with others in the form of documents or files, you should make sure that you do not share any such file with any party that has unprotected servers. Also, when you receive an email in your spam folder, you should not download any attachment sent in the mail. There are high chances of it being a possible threat that might make you a victim of this ransomware.
You should also make sure that you are not running on an older OS that is no longer supported. Operating systems such as Windows XP, Vista, Server 2003 and Server 2008 are examples of such versions. Although you might be able to use them for your day to day work, it is always safe to move to a supported platform so that you can avoid such attacks. You should also keep updating the operating systems for their latest versions. You can also continuously update the threat intelligence feed that can provide you protection from the bad actors and bad areas of the Internet. Since most of them come from same areas and networks, you can block this traffic using your threat intelligence.
We hope that you haven’t been attacked by the WannaCry ransomware that started spreading on 12th May and has by now affected millions of systems around the world. Just take a note of the methods of prevention shared above and feel secured of this potential menace on your system.