You have probably heard of viruses and malware. These dangerous pieces of software can make their way into your computer and wreak havoc. Malware authors are intent on stealing your data and disrupting the proper functioning of your digital devices.
Then there is ransomware. This is crafted by cyber-criminals for extorting data from innocent users, and is rapidly becoming a threat to individuals, small business and corporate users alike.
While the concept of ransomware has existed for more than 20 years, it wasn’t until 2012 that several key technological advances aligned and allowed it to flourish.
Now ransomware has evolved. It combines file encryption, it uses “dark” networksto conceal the attacker, and uses crypto-currencies, such as Bitcoin, to prevent law enforcement from tracing the ransom payment back to the attacker’s den.For a small upfront cost and with low risk of getting caught, ransomware developers can net good returns: industry estimates range from 1,000% to 2,000% return on investment.
There have been many reports of Australian businesses paying ransoms. Even the authorities aren’t safe, with several police departments in the US having paid ransoms in order to recover files. And we’ve even seen reports that FBI experts have advised victims to “just pay the ransom” if they need their data.
The biggest concern with ransomware is the rate at which it is adapting to combat security protections. We recently examined the evolution of ransomware and found that ransomware developers are learning from their mistakes in previous versions. Each generation includes new features, and improved attack strategies.
We also found that over 80% of recent ransomware strains were using advanced security features that made them difficult to detect, and almost impossible to “crack”. Things don’t look good for end-users; ransomware is increasingly using advanced encryption, networking, evasion and payment technologies. The developers are also making fewer mistakes and writing “better” software.
It’s not a stretch to imagine a ransomware developer currently working on ways to attack even corporate databases, or versions that lay low while they identify all of your backup disks.
Ransomware – How To Protect Yourself ?
Here are some tips you can take to protect your files from ransomware:
- Keep your operating system and software up to date with the latest security patches.
- Use a reputable antivirus program and keep it updated.
- Use a firewall to block incoming connections from suspicious IP addresses.
- Create regular backups of your important files and store them offline or in the cloud.
- Use strong, unique passwords for all your accounts and enable two-factor authentication whenever possible.
- Be cautious when opening emails or clicking on links from unknown sources.
- Avoid downloading files or visiting websites from untrusted sources.
- Use an anti ransomware software and keep it updated.
- Educate yourself about the latest ransomware threats and how to protect yourself from them.
- Be prepared to act quickly if you do become a victim of ransomware by having a response plan in place.
There are several software options available to protect against ransomware. Some popular options include:
- Malwarebytes Anti-Ransomware: This software uses advanced behavioral analysis to detect and block ransomware before it can encrypt your files.
- Norton Anti-Ransomware: This software uses a combination of signature-based detection and behavioral-based detection to protect against ransomware.
- Trend Micro Ransomware File Decryptor: This software can help decrypt files that have been encrypted by certain types of ransomware.
- Kaspersky Anti-Ransomware Tool: This software uses machine learning techniques to detect and block ransomware attacks.
- Bitdefender Anti-Ransomware: This software uses behavioral-based detection and machine learning algorithms to detect and block ransomware.
- Windows Defender: Windows defender is a built-in anti-malware software that also includes anti-ransomware features and is included in all Windows operating system.
It’s important to note that no software can guarantee 100% protection against ransomware, so it’s important to use a combination of different security measures.
Recovering files from ransomware is impossible without the attacker’s approval, so you need to avoid data loss in the first place. The best thing you can do is practice good digital security:
Don’t fall prey to social engineering or phishing, which is where an attacker attempts to have you reveal sensitive information to them. If you receive a suspicious email from your grandma or work colleagues, ask yourself whether it’s unusual before you click. If you’re not sure, contact the sender via a different medium, such as giving them a phone call, to cross-check
- Don’t install any software, plugins or extensions unless you know they’re from a reputable source. If in doubt, ask and only rely on trusted download sources. And certainly don’t be tempted to pick up USB sticks found on your pathway
- Update your software regularly to ensure you are always running the latest versions
- Important documents need to be treated like valued possessions. Grab a hand full of USB keys and rotate your backups daily or weekly, and don’t leave USB keys plugged in (current malware strains can scan removable USB disks). Having multiple copies means the adversarial effort on holding you for ransom is pretty much worthless.