Cibersecurity

RANSOMWARE: WHAT IT IS AND HOW YOU CAN PROTECT YOURSELF

Ransomware is a type of malware that infects computer systems, restricting users’ access to the infected systems and temporarily or permanently rendering it inaccessible unless a “ransom” is paid within a specific time period. A ransomware malware program may also be called a cryptovirus, cryptotrojan or cryptoworm.

There are currently 120 strains of ransomware, and some researchers are even reporting a 3,500 percent increase in the criminal use of net infrastructure used to run these nasty pieces of malware.

There are several types of ransomware that criminals employ to seek their paydays:

Locking: This ransomware makes it look like a law enforcement agency has taken over your device, typically with an image that reads, “Your computer has been locked.”

Deletion: The ransomware claims to delete your files if you attempt to decrypt the ransomware without paying. Not paying the ransom will also result in your files being deleted.

Encryption: This is the most popular form of ransomware. It encrypts not only the files on the infected device, but also the contents of shared or networked drives, rendering them inaccessible until a ransom is paid out.

How do I get rid of ransomware?
There are 2 ways to remove the virus: Use Safe Mode with Networking and disinfect your computer. 

Restart the computer in Safe Mode with Networking. ...
Open your favorite internet browser.
Navigate to Bitdefender webpage and download an antiransomware Removal tool.

How to prepare for (and prevent) ransomware attacks. What You Can Do to Protect Yourself

1. Backup your data:The only sure way to protect yourself or your company from 'ransomware' is with foolproof file backups. These three backup options can all help recover from ransomware attacks.

1. Battle ransomware with dedicated backup software: The simplest way to protect yourself from ransomware attacks is to regularly backup all of your important information and data. Dedicated backup softwaremakes full copies of hard disk drives and stores them on some external source, usually a storage drive that is disconnected and purposefully kept offline following backups. 

2. Ransomware and NAS backups:  An alternative is using a network attached storage (NAS) appliance for backing up the data.

3. Ransomware and cloud backups: A third option is using a cloud storage service, This option is not always the best because of how encrypted files synchronize; however, many have file-version features that make it possible to recover copies of files.

The three strategies outlined here are not meant to be exhaustive, and some aren't necessarily suitable for specific industry verticals or IT infrastructures. However, the increasing prevalence of ransomware means all individuals and organizations should evaluate and eventually implement backup strategies sooner than later. 

2. Always disconnect USB or external drives after use.

3. Map all possible network shares: This will reduce the risk of ransomware spreading to other parts of the network.

4. Use pop-up blockers.

5. Disable plugins.

6.Use antivirus software – and keep it updated.

What’s the Future for Ransomware?

The success of ransomware is evidenced by the multiple variants that are being developed and released into the wild. Ransomware-as-a-service has emerged in the underground, thereby enabling any willing buyer to get involved in this criminal endeavor without needing to be technically proficient. Ultimately, ransomware campaigns are a numbers game; the more hits that are recorded, the more opportunity for victims to pay up.  Interestingly, the cost of the ransom remains an affordable expense for victimized organizations, perhaps a purposeful tack by criminals to persuade victims to pay rather than not. Because in the end, it’s money that these gangs want.

Contact us to learn how Neudomains threat intelligence services can help protect your organization from the risk of ransomware.