Find out more about the topic of preventing and protecting against ransomware in 2021. But what exactly is ransomware? If ransomware or an encryption Trojan gets onto your computer, it encrypts your data or locks your operating system. As soon as ransomware gets hold of a “digital hostage”, such as a file, it demands a ransom for its release. To reduce the likelihood of finding yourself in front of a locked laptop or encrypted file, it’s important to be prepared. The chances of infection can be significantly reduced both by security software and by paying sufficient attention. By using anti-ransomware, you can avoid a situation in which you have to pay horrendous sums for the possible release of your data. Ransomware infections can occur in various ways, such as through insecure and fraudulent websites, software downloads and by spam mail. Ransomware targets individuals as well as companies of all sizes.
Security vulnerabilities – are you a potential target of a ransomware attack?
There are a number of factors that might make you the target of a ransomware attack.
- The device used is no longer state-of-the-art
- The device has outdated software
- Browsers and/or operating systems are no longer patched
- No proper backup plan exists
- Insufficient attention has been paid to cybersecurity, and a concrete plan is not in place
If one or more of these points apply to the device, you are at risk of falling victim to a ransomware attack. A vulnerability scan, which can be performed by your Kaspersky security software, can remedy this. The software scans the device for possible security vulnerabilities in the operating system or in the programs installed on the computer. By detecting these vulnerabilities, which enable malware to infiltrate, it is possible to prevent the computer from becoming infected.
Protection against ransomware – how to prevent an infection
- Never click on unsafe links: Avoid clicking on links in spam messages or on unknown websites. If you click on malicious links, an automatic download could be started, which could lead to your computer being infected.
- Avoid disclosing personal information: If you receive a call, text message, or email from an untrusted source requesting personal information, do not reply. Cybercriminals who are planning a ransomware attack might try to collect personal information in advance, which is then used to tailor phishing messages specifically to you. If in any doubt as to whether the message is legitimate, contact the sender directly.
- Do not open suspicious email attachments: Ransomware can also find its way to your device through email attachments. Avoid opening any dubious-looking attachments. To make sure the email is trustworthy, pay close attention to the sender and check that the address is correct. Never open attachments that prompt you to run macros to view them. If the attachment is infected, opening it will run a malicious macro that gives malware control of your computer.
- Never use unknown USB sticks: Never connect USB sticks or other storage media to your computer if you do not know where they came from. Cybercriminals may have infected the storage medium and placed it in a public place to entice somebody into using it.
- Keep your programs and operating system up to date: Regularly updating programs and operating systems helps to protect you from malware. When performing updates, make sure you benefit from the latest security patches. This makes it harder for cybercriminals to exploit vulnerabilities in your programs.
- Use only known download sources: To minimize the risk of downloading ransomware, never download software or media files from unknown sites. Rely on verified and trustworthy sites for downloads. Websites of this kind can be recognized by the trust seals. Make sure that the browser address bar of the page you are visiting uses “https” instead of “http”. A shield or lock symbol in the address bar can also indicate that the page is secure. Also exercise caution when downloading anything to your mobile device. You can trust the Google Play Store or the Apple App Store, depending on your device.
- Use VPN services on public Wi-Fi networks: Conscientious use of public Wi-Fi networks is a sensible protective measure against ransomware. When using a public Wi-Fi network, your computer is more vulnerable to attacks. To stay protected, avoid using public Wi-Fi for sensitive transactions or use a secure VPN service.
Anti-ransomware software – what are the benefits?
In addition to these infection-prevention measures, it is also essential to use appropriate software to protect against ransomware. For example, using virus scanners and content filters on your mail servers is a smart way to prevent ransomware. These programs reduce the risk of spam with malicious attachments or infected links reaching your mailbox.
Internet security solutions such as Kaspersky Internet Security should also be installed. This software is able to block infected files when you download or stream something, thus providing real-time protection. This prevents ransomware from infecting your computer and keeps cybercriminals at bay. Kaspersky also offers a special anti-ransomware tool that can provide additional help. The tool helps detect and block ransomware by performing scans and protects your data both from local and remote-access ransomware attacks.
If you have installed the right software, you have already taken a big step in the right direction. Regularly update your internet security solution to take advantage of the best and latest protection it has to offer. Each update contains the latest security patches and improves protection against ransomware.
Data protection – neutralize the threat of the worst-case scenario
What to look out for when creating backups
Make sure your data is always protected by backups, in case your computer becomes infected with ransomware and decryption is impossible. Use an external hard drive and be sure to disconnect it from your computer after creating the backup. If your hard drive is connected when the ransomware becomes active, the data on the drive will also be encrypted. You should back up your data in this way at regular intervals.
Backup software – protection or threat?
If you do not want to protect your data manually, you can use what is known as backup software. But here you also need to exercise caution. That’s because some “security tools” can also turn out to be Trojans. Creating backup copies is a primary task of backup software, which means it has access to all files and has numerous privileges.
Software usually has a direct connection to the provider, so it is easy for cybercriminals to incorporate additional functions and commands. These can be harmful and may not be recognized by the user. In order to avoid such a situation, you should be very careful when searching for suitable backup software. Some security solutions, such as Kaspersky Total Security Tool, already offer plug-ins that can create backups. By using this kind of plug-in, you can avoid having to search for third-party providers.
Protection against ransomware – what companies should pay attention to
Ransomware attacks are by no means only a threat to individuals. In fact, companies are also frequently targeted. Not only large, lucrative companies fall victim to ransomware; small and medium-sized enterprises (SMEs) are targeted too. They usually have poor security systems, and are therefore particularly attractive targets for attackers. Below is a list of factors that should be taken into account by companies wanting to avoid ransomware infection.
- Stay up-to-date with the latest operating software at all times – in the corporate environment too. Past experience shows (for example, WannaCry 2017) that companies that neglect this area are particularly vulnerable to ransomware attacks.
- Raise employee awareness – a person who knows what to look for will be more effective at countering attacks. Implement a security protocol that enables employees to assess whether an attachment, link or email is trustworthy.
- Be prepared – make sure there is a plan in case of ransomware infection.
- Consider cloud technologies if you haven’t done so already. The advantage over on-premise systems is that vulnerabilities in cloud-based architectures are more difficult to exploit. In addition, cloud storage solutions allow you to restore older versions of your files. This means that if the files are encrypted by ransomware, you should be able to return to an unencrypted version using cloud storage.
- Backups – even in business environments, it is important to always back up business-critical data to external devices. Responsibility for this essential task should be clearly stated and communicated.
Ransomware today – the development of malware
While the basic concept of ransomware attacks – data encryption and ransom extortion – remains the same, cybercriminals regularly change how they operate.
- From PayPal to Bitcoin – because it is more difficult to track, ransom demands by cybercriminals are now made in Bitcoin. In the past, PayPal was mainly used for this purpose.
- Distribution – initially, spam emails were considered the main point of attack. While these have not lost their relevance today, VPN vulnerabilities and distribution over botnets are now also common.
Just as cybercriminals are driving the development of ransomware, anti-ransomware protection is evolving to become more effective and efficient.
As with other forms of malware, careful action and the use of excellent security software are a step in the right direction when it comes to combatting ransomware. Of particular importance with regard to this type of malware is the creation of backups, as this allows you to be well prepared even in a worst-case scenario. If you become a victim of a ransomware attack despite these preventive and protective measures, you can find more information here on how to get rid of the malicious software.