How to Protect Your Computer from a Ransomware Attack
It must be said that as far as illegal money-making schemes on the Internet go, ransomware operations seem to be among the most clever ones. If it's done correctly, it's the (nearly) perfect crime because you basically have a hostage situation where the crooks have your data (which you value very much), and they won't let it go until you pay up. At the same time, there aren't any armed police officers waiting to storm the scene because this is the Internet where everybody can remain anonymous(ish).
It's been a huge hit with cybercriminals. At first, it was only the clever and sophisticated crooks that could launch a ransomware attack, but gradually, this changed. Right now, people who want to call themselves hackers but don't know how to hack can go on a forum, send some bitcoins, and "borrow" a ransomware strain which they can then unleash on unsuspecting users. There are even open-source file-encrypting projects that can be had for free.
Ransomware attacks come in many different shapes and sizes, and the likelihood of getting hit by one is substantial. Naturally enough, people want to know what they can do to protect themselves. With today's article, we'll try to help you educate yourself and learn exactly what it takes to tighten your defenses. Before we do that, however, let's bust a common misconception.
Table of Contents
Protecting yourself against ransomware is not a five-minute job
People who think that they know a lot about computers will probably tell you that having a good anti-malware program is guaranteed to protect you from ransomware attacks. The people who actually know anything about computers will tell you that this is far from the truth.
We're not trying to undermine the importance of anti-malware protection. If you want to have a chance of having a headache-free online experience, a reliable security product is a necessity. There are many different solutions on the market, and it's important to shop around before you pick the one that best suits your needs. It's also very important to make sure that its definitions are updated frequently. Sadly, even this isn't enough sometimes. New, advanced ransomware strains come out every day, and unfortunately, they do manage to slip through the defenses every now and again.
People need to stop thinking of anti-virus software as a one-size-fits-all solution to all their online woes. Users must learn to appreciate the dangers that the Internet presents and modify their behavior accordingly. Here are a few pieces of common wisdom you should go by.
Backup, backup, backup
Backups really are the only way out if you get hit by ransomware and you don't feel like paying the ransom. Some people tend to think that this is their sole purpose, and because they also think that they'll never get hit with ransomware, they tend not to bother with backups at all.
The truth is, backups can help not just when you need to fight a ransomware infection, but also when your hardware fails or picks up physical damage, which happens more often than you might think. Again, there are different types of backups and there's a range of solutions that can make the task easy and simple. Which of these suits your needs the best is up to you to decide. Just don't forget that a good backup is the one that's ready to be restored at any time. Test your backups regularly in order to be sure that the data is intact.
Click-happy users are the most vulnerable
In most cases, ransomware infections are triggered by a particular action from the user. In other words, crooks need you to click on that link or open that file in order to drop the ransomware on your PC. If you don't click the link or open the file, you won't get a ransomware infection. It's as simple as that.
Yesterday, we explained how an email that appears to be completely legitimate could end up being malicious and how you can never know whether you're a click away from opening something truly nasty. It's not just emails that can fool you which is why you should treat everything you see on the Internet with a healthy dose of skepticism.
Keep your software up-to-date
Software vendors can't afford to sit still. If they do, users will eventually get tired of the products and will look for alternatives. As a result, we sometimes see new versions of familiar programs that, many people think, are a step back, and because of this, some users prefer not to bother with updates. Those users forget that along with controversial features and user interface changes, new versions of browsers, email clients, and other software applications also come with critical security patches.
Indeed, while most of the ransomware families rely on a combination of social engineering and human curiosity, some cybercriminal gangs exploit security vulnerabilities in programs that are used by a large number of people. The really sophisticated hackers take advantage of the so-called "zero-day" vulnerabilities – security holes that the vendor doesn't know about and hasn't patched yet. Usually, however, they break in by abusing a vulnerability that's months (or even years) old and is therefore taken care of. Their attack is successful only because the user has failed to keep the software updated.
You can get used to changes in the interface. What you can't get used to is knowing that because you failed to update your software, your data is now gone.
Proper network configuration can make a difference
You most likely remember the WannaCry disaster from last year. As a ransomware family, WannaCry was nothing special, but it nevertheless managed to make the headlines because it spread like wildfire. And this was made possible by a network port which many people and organizations had forgotten to turn off.
The truth is, securing your network is a complex process in itself. It has many aspects, starting with a strong Wi-Fi password and going all the way to a proper firewall configuration. You might be a bit scared by the challenge ahead, and it must be said that some of the tasks are a bit technical. With a bit of patience and a lot of help from Google, however, everything is possible.
Ransomware is a serious threat and protecting yourself against it is a serious undertaking. If it were easy, many people would have done it and the crooks would have had to look for other means of racking up illegal profits. If you put in the effort, however, you'll have the peace of mind of knowing that if they try to extort money from you, they'll be forced to go home empty-handed. And this, we can tell you, is a really good feeling.
