Ransomware

This is becoming a major attack method for criminals keen to get their hands on your money. They get you to download some software that then encrypts your files. They then ask you to pay them to unencrypt the files – usually not too much money, enough to make it worth their while but not so much you throw your hands up in horror.

The solution – 4 fold.
1. Patch to reduce the risk of unpatched vulnerabilities being exploited.
2. Tell everyone not to click on links in emails or to open attachments where the malware is often stored. Visiting dubious web sites is another easy way for the criminals to get you to download their malware. Whitelisting web sites can help here but can be a pain to administer.
3. Reduce the risk of them having admin rights on your system if they do get in by only using full admin accounts for those activities that must have those rights. Your normal day-to-day activities should be on a user account even if you are the only user.
4. Store your backup data and files somewhere offline so that in the event of succumbing to one of these attacks you can simply clean off the encrypted files and replace them with the backup version. Naturally this backup needs to be done regularly and stored in a place which is not connected logically to the PC or other storage device. An external hard drive might be good for smaller systems, cloud might work for larger systems but there must not be a routine connection that the ransomware can find and then encrypt the backup too!

Take care!

About Author: Andy Taylor

Leave a Reply

Your email address will not be published. Required fields are marked *