Ransomware – if the world itself sounds so terrible, imagine than the consequences of a ransomware attack.
We all know that once you get infected with ransomware your sensitive data gets encrypted and attackers demand some form of payment to decrypt it.
The thing is that in many cases, once you pay in ransom, the attackers never return your data even though you already paid. In cases where you get your data back you still remain vulnerable to future attacks since the attackers received financial gain from you and you motivate them to proceed further with their activities.
You probably noticed that you read and hear about ransomware attacks a lot lately. Ransomware attacks have doubled and this year we have a 17% increase in new ransomware variants.
How much will they earn of your money in 2016? FBI estimates that ransomware attackers will “earn” $1 billion – read more Crowdstrike facts here.
Paying up is not a solution. This kind of action makes ransomware attackers feel rewarded for their actions and creates financial problems for organizations.
The thing with ransomware is that the impact is immediate. There is a huge percentage of small to medium businesses that shut down their doors after experiencing a ransomware attacks.
And you personally? Well, it can take your mortgage loan amount for that month or even higher.
Don't let yourself experience a ransomware attack but rather follow these actionable strategies:
Backup, backup and one more time backup!
The most common and best advice you can get is to back up and don’t just knock with your head after your read this. Do it!
Regular up-to-date backups are the most reliable method for recovering lost or infected data. In order to be more effective, Gary Warner advises that a backup must be “serialised”, with older versions of files available in case newer versions have been corrupted or encrypted.
Ransomware tries mostly to encrypt data on a connected network therefore the best would be to store the backed-up data in an offline environment, far away from attacker’s eyes.
Stay up to date-be informed
Stay informed - Knowledge is power. Social engineering is the most common method ransomware attackers use in order to infect you. It may be hiding in your inbox right now but you are not aware of it and it just waits for you to click a link in the spam email or activate macros in a malicious document.
Therefore, educate yourself on how social engineering works, how attackers use phishing campaigns, how suspicious website look like and above everything always think twice before clicking something or opening a file. If it seems suspicious to you, then it probably is. Never ever click, download or open something that looks suspicious to you.
Get proactive anti-ransomware protection
Why do you think cyber criminals attack home users? Because they don't do regular backups and most importantly they fail to invest in need-to-have cyber security solutions.
Build your defense system. Choose ransomware protection rather than paying in ransom to hackers.
Besides home users, there are many reason why cyber criminals attack business. First of all is money. Besides, these kind of attacks can cause huge legal or representational damages therefore businesses choose to pay in ransom just to get the data back as soon as possible to avoid any consequences. Therefore, rather to pay up to cyber criminals the best thing for business should be to invest in a proper security software that will cost them much much less money and nervous break downs.
Apply BYOD policy with strict security measures
All devices connected to your network have to be secured. BYOD policy has caused many problems to many businesses, especially small ones since they failed in expanding the BYOD policy with strict security measures.
Even home users can experience the same problem. A friend may come over and connect to your network without having any proper security software installed. This kind of actions make your whole network as an open vulnerable spot to possible attacks.
Just this year there was a new rash of malicious ads that attempted to install ransomware and other infections on your PC. This ransomware infected thousands of people within 24 hours.
Therefore, to avoid this kind of and similar situations use an ad blocker to avoid the threat of potentially malicious ads.
Install latest security patches and updates
Always keep your operating system and software up-to-date by installing the latest security patches and updates. In case you don't, attackers will use the vulnerability in your software and make it as their strategic point to attack you. Therefore many security specialists advise to always install the latest security patches to solve a lot of vulnerabilities.
Remove Adobe Flash, Adobe Reader, Java and Silverlight plugins from your browsers
According to statistics, as you can see in the below image, these four plugins are well-known and notorious for being used by cyber attackers. If you really have to use them then rather set your browser to always ask you before activating them.
1: Distribution of exploits used in attacks by the type of applications attacked, Q1 2016 - Kaspersky Lab
Remove outdated plugins and add-on's from your browsers.
Vulnerabilities in outdated plugins and add-ons are used heavily by cyber attackers therefore keep them updated to the latest version.
Follow the above mentioned steps and you will never get in the situation to pay to cyber criminals. Remember that antivirus is not enough, especially free version. Install a proactive ransomware protection that is always up-to-date and explore the Internet worry-free without paying attention where and what to click.