Computer Security, Operating Systems, Technology, Tutorials, Windows 10

How To Beat Ransomware

March 12, 2017

In early 2016, the emergence of the ransomware variant Locky infected computers that were owned by healthcare facilities worldwide. For example, The Hollywood Presbyterian Medical Center paid a hefty $17,000 in Bitcoin currency for the decryption key of important patient data. Locky utilizes various distribution procedures. A typical distribution procedure involves the circulation of spam emails that consists of malevolent Microsoft Office documents with macros or zipped Javascript attachments. Other distribution procedures revolve around rootkits. Hence, the proliferation of ransomware has not merely led to the infection of computer systems belonging to home users but has also heavily impacted critical industries like health care.

What is Ransomware?

Ransomware is a kind of malware that is covertly installed on PCs and mobile devices, resulting in restriction from using those systems. Certain on-screen alerts are shown by the infected systems. Usually, the alerts indicate that the user’s systems or files have either been locked or encrypted.

By paying the ransom, the users are assured that their access will be restored. However, there is no guarantee that they will get their files back. Furthermore, paying the ransom perpetuates the development of more sophisticated ransomware and encourages the malicious actors to do further damage. Therefore, prevention becomes crucial in fighting against ransomware.

How is Ransomware Dangerous?

Contemporary ransomware attacks employ sophisticated infection methods permitting malicious malware to infect your machine. They induce people to execute a ‘dropper’ which results in downloading the spiteful malware payload to commence the encryption procedure. In the majority of incidents, a carefully constructed phishing email is utilized with a ZIP file as an attachment. The ZIP file typically includes a Javascript file with the extension .JS. Since Javascript is deployed by various websites, it is futile to obstruct in the browser. One of the most problematic things occurring in the dropper are the persistent alterations and befuddlements within the Javascript code. This enhances the dropper’s ability to conceal itself, which prevents detention. In addition, the Windows operating system carries out Javascript directly.

Infected computer systems are calamitous to the home user or enterprise. Not only may it be difficult to recover the files, but the decryption of files after the ransom has been paid does not indicate that the malware infection has been eliminated. The services of information security and data recovery professionals may be required. Moreover, ransomware inevitably instills fear and psychological worry onto the owners of the systems.

Solutions

Below are some of the recommended preventive measures that I recommend following to better shield from a ransomware infection:

1. Deploy patches and upgrades to your operating system, software, Intrusion Prevention System, firewalls, and other layers of defense systems.

It doesn’t get any more obvious than this.

2. Don’t enable macros from email attachments.

If the user has macros enabled and opens an attachment, the malicious code can enable the malware which infects the user’s system.

3. Avoid clicking on suspicious links and files.

Sometimes this is easier to say than to be done.

4. Disable and uninstall any unnecessary software and hardware.

Unused software and hardware permit the potential for exploitation. Disabling and uninstall them does not hurt.

5. Do actually test your backup data.

Make sure your backups are not vulnerable to jeopardize. Do imagine yourself in a situation where your computer system has been infected, and data has been encrypted. The possibility strongly exists. Thus, it is essential to test your backups.

6. Embrace the principle of Least Principle.

Your users don’t always need to install and run the unnecessary software. Therefore, restricting a user’s permissions can be a huge benefit. Confinement of these privileges ultimately can hinder malware from executing effectively onto the systems and networks.

7 . Don’t blame yourself or other victims.

Even when you or someone else does the best to avoid a ransomware infection, both of you must accept that ransomware is constantly evolving. The sophistication and effort put in by cyber criminals in ransomware attacks can make these types of malware difficult to detect by security software. Accept the fact that using a security software can make ransomware attacks and other attacks easier since many antiviruses can have a lot of software vulnerabilities that lack patches.

8. Be quick and reactive regarding network monitoring.

Training can never be seen as unimportant, but what remains even more significant is the ability to react quickly to emerging threats and being to effectively monitor the network. A sense of

9. Inherent a security policy for not only enterprises but also home users as well.

Take advantage of password managers and enhanced security practices. Understand that no employee or home user will remain in one spot for eternity. They will go to public places, use public WiFi, and been spied on by criminals. It is important to create a sense of security awareness and skepticism through security practices. It’s also better to use a password manager than to type a password directly on the system since someone in public can observe the user’s typing of potentially critical information.

You Might Also Like

No Comments

Leave a Reply

Back to top
%d bloggers like this: