To prevent Ransomware attack,Cyber-criminals recently nicked thousands of computers across hundreds of countries demanding Bitcoins in exchange. Such was the attack that it left patients across England waiting for healthcare, and disrupted public utilities in Spain. Ransomware is a malicious software, often transmitted by email or web pop-ups, that hijacks a computer and demands a ransom for release.
There are various types of Ransomware, broadly they are classified in to three as follows:
- Scareware: This is the safest and least lethal of all the ransomware. The affected computer will show a pop-up message claiming that malware was discovered and the only way to get rid of them is by paying the said amount. If you do nothing, you will keep getting these pop-ups, but your files are safe. A quick scan from your security software should be able to clear this out. A Scareware attack is more irritating than costly.
- Screen Lockers: This is a more lethal attack that first targets your computer and then you. Typically, it will freeze your computer to show a screen with a government agency logo stating malicious activities was noted from your computer and you have been asked to pay a certain “fine” to unlock your computer. No government agency or Internet Service Provider (ISP) will do that unless you have done anything illegal. Even if you have, these parties take a legitimate action and do not freeze your computer. You will need a system restore or a hard scan to retrieve your files.
- Encrypting Ransomware: This is the most lethal one and this created a lot of buzz a couple of weeks ago. This software encrypts all your data and is un-retrievable unless you have paid the ransom. There is nothing you can do and paying the ransom does not necessarily ensure your files’ safety.
Guide to prevent Ransomware
Ransomware are always lethal but preventable. To protect your organization from these losses you must stay vigilant and take the following measures:
- Invest in Cyber-security: Deploy licensed and original cyber-security tool to safeguard your assets. This will not allow malicious contents to get in your network and protect your data
- Back-up data on physical or virtual machines: This is a mitigation plan that will allow you to get back your harmed data. Maintaining regular back-up on physical devices that are not on the network will help you restore information. Cloud storage with safety features may prove to be a boon in such attacks
- Update software: Software providers are constantly upgrading their products and ensuring regular updates will help you ensure ransomware safety.
- Stay informed: Malicious practices like phishing and other scams become viral as soon as they start attacking machines. Your IT team can play a vital role is tracking these, and protecting your assets proactively
- Keep clear inventories of your digital assets: Maintain a clear log of what is vulnerable and how this can be protected. If you have these handy you are aware of your weaknesses and can take proactive measures to guard them
- Segment your network: Do not put all your eggs in the same basket; this will help you salvage things in a better way. Segmenting your network will also work as your Business Continuity Plan (BCP) in case of an infection or outage
- Train your staff: Cyber-security is everyone’s responsibility. Your staff must know how to identify and be aware of malicious content.
- Filter .EXE in emails: Organizations often share executable files in emails. You never know who may send a bad file. Add filters to your emails run .exe files only after scanning them.
- Disable Remote Desktop Protocols (RDP): If you do not require the use of RDP, you can disable RDP to protect your machine from Filecoder and other RDP exploits.
For any requirements of SSL certificates kindly visit HTTPS.IN