07 September 2018

7 Ways to Avoid Being Hit by Ransomware


avoid-ransomware

You’ve seen the news reports, and read about it on Facebook. Perhaps you know someone who has lost all of their data because of it.

Ransomware.

It sounds bad, because it is. But are you really doing all you can to avoid losing your data to digital extortion? Here are some common sense ways to prevent yourself being hit by ransomware…

1. Use a Modern Firewall Utility

A firewall prevents remote access to your computer

This may come as a surprise to you, but firewalls play an important part in reducing the spread of all sorts of malware. This includes ransomware.

While ransomware often infects machines via email attachment, malicious ad (more below), or infected media (such as a USB stick), it can also move across a network with surprising speed. To combat this, you need to ensure that you have blocked port 445. This is an internal port, and if blocked on all devices on your network, will prevent propagation of ransomware and other malware.

Although this should be blocked by default, you should check regardless. If you don’t know how to do this, consult your firewall software’s documentation. Also, keep in mind that most ransomware communicates with a remote server. An up-to-date firewall can assist in restricting this access.

In addition, you should ensure that you are using a reliable antivirus tool. Indeed, the firewall and antivirus software might be bundled together. What is important is that you are using them. Better still, if your antivirus solution has ransomware detection (typically this protects personal folders from access by newly installed software), this should be activated.

You probably wont find these features on free antivirus, however. For a good idea of what is available, check our guide to the best security software currently available.

2. Ensure Your Data Isn’t Only Stored on Your PC

Ransomware prevents you from accessing your own data, forcing you to pay the ransom to regain access. Because ransomware encrypts your data, there is often no way to circumvent this.

If no ransomware decryption tools are available, your best option is to revert to a backup of your data. Creating regular backups of your data is important, but where you store them is equally vital. Making a backup and then storing it on your PC is pointless. Ransomware can find backups and encrypt these.

The solution, therefore, is to store your backups on a different device. This might be an external hard disk drive, or an optical disk. It might even be a modest USB flash device. As long as the device is removable, it will keep your data free from ransomware.

However, if struck by ransomware, you should not restore the backup immediately. Instead, you will need to remove the infection using your antivirus software. If this isn’t possible, a full reformat of your HDD or SSD is required, followed by a fresh install of the operating system.

Only when this is correctly configured should you consider restoring your backed up data.

3. Don’t Use Your Computer’s Administrator Account for Daily Use

There’s a very good chance that the main account you use on your computer has administrator privileges. Ransomware can take advantage of this level of access to wreak havoc.

For daily use, you should consider using a guest account on your computer. This should have limited privileges, preventing software installation, for example. By taking this precaution, you prevent many types of malware and ransomware from being able to install on your system.

Whenever you need to install software, or update your operating system, it should be simple to log out, switch to the Administrator account, and make the necessary changes.

Our guide to user account control on Windows 10 should help here.

4. Disable Macros in Microsoft Office

Fo Windows users, one attack vector (which basically means “a way in”) for malware is via Microsoft Office. While the suite of office tools itself isn’t insecure, the way macros are used (particularly in Microsoft Excel) is.

While macros are disabled by default, you should ensure you maintain this state of affairs.

Checking our guide to the Locky ransomware will explain the threats in more detail.

However, if you want to disable macros now, head to File > Options > Trust Centre > Trust Centre Settings. Under Macro Settings choose Disable all macros except digitally signed macros.

5. Improve Browser Security, Audit Outdated and Insecure Extensions

If you’ve been using the same browser without updating it, or any plugins you have installed, then you risk infection from ransomware.

While this isn’t such a problem with Google Chrome, Mozilla Firefox, and Microsoft Edge, which all update automatically, it can lead to issues with older browsers. Similarly, older plugins that have not been updated pose a risk.

Not only is it a good idea to remove older plugins, you should also look for plugins that can be disabled. Things like Java and Silverlight, for example, should be deactivated or uninstalled until they’re needed. Meanwhile, Adobe Flash should also be deactivated; if you use sites that require it, set it to only activate when prompted.

Meanwhile, go through all of your plugins and add-ons/extensions. Discard any of these you don’t use, and update the ones you do.

It isn’t just browser extensions that pose a vulnerability. If your browser’s security is set too low, ransomware developers can exploit this weakness.
Of course, this differs from browser to browser.

To give you the best chance of avoiding ransomware through your browser, check our comparison to find out which browser is the most secure.

6. Limit Malicious Ads and Avoid “Dodgy” Websites

Malvertising is explained in this infographic

Ransomware has been served in malicious ads (“malvertising”), which is why you should avoid certain sites.

Sites offering illegal downloads, and links to illicit material, are particularly likely to serve malvertising. However, from time to time, such malicious ads make their way onto mainstream websites.

As such, you should take steps to negate the impact of ads on your browser. While we wouldn’t recommend a total block (many websites rely on ads for their livelihood), you have options to control how ads are displayed.

7. Delete Spam Emails Immediately

Spam emails will typically go directly into your junk email folder. But this doesn’t always happen. In addition, you should regularly check the folder for emails that have been accidentally moved (whether by you, or by your anti-spam software/webmail provider).

The result is that your exposure to spam emails is higher than it really should be. Whether encountering then in your main inbox or browsing through your spam folder for important messages, there is a good chance that you could be taken in by a scam message.

One wrong click, and you’ve downloaded ransomware. The answer here is a simple, two-step approach:

  1. Never click links in suspicious/spam emails
  2. Never download attachments from unknown senders

Stick to this, and in conjunction with anti-spam software, you should protect yourself from ransomware affecting your system via email.

Defeat Ransomware by Being Proactive

It should be clear by now that combating ransomware requires more than an antivirus suite and some spare cash, just in case.

You need to be proactive in monitoring and auditing your data, creating backups for storage elsewhere, and avoiding links in spam messages. In total, we’ve looked at seven ways to reduce your chances of being struck by ransomware:

  1. Use a good firewall
  2. Keep backups stored elsewhere
  3. Restrict your administrator account to installation tasks
  4. Disable macros in Microsoft Office
  5. Remove old browser extensions
  6. Limit malicious ads
  7. Delete spam immediately

By following these steps, you can ensure the safety of your data. Be vigilant, and understand the risks of ransomware.

Image Credit: kaptn/Depositphotos

Read the full article: 7 Ways to Avoid Being Hit by Ransomware


Read Full Article

No comments:

Post a Comment