A few months ago I started a series on Ransomware viruses. I paused the series because I felt that talking about computer viruses while a biological virus was spreading around the globe was inappropriate. However, hackers have used this pandemic to their advantage. As many small businesses have transitioned to using online and home-based computing services, this has opened up many new opportunities for hackers. As a result, I think it is important to return to the most insidious form of hacking: ransomware.

This month we have a guest article written by the editors of TechWarn, a security-focused blogging site with many useful articles about keeping computers safe both at home and in business settings. Below is a quick refresher on what Ransomware and some important steps you can take to minimize the risk.

___

Computer ransomware attacks are fast becoming the in-thing. They have been a commonplace attack in the cybersecurity niche, and cases like the WannaCry Attack, have made them more common and popular. Since the start of the Covid-19 pandemic, though, there has been a renewed surge in ransomware cases.

Truth be told, ransomware is not alone in these attacks. We have seen an increase in Business Email Compromise (BEC) attacks and malware phishing too. However, it seems ransomware is not receiving the kind of recognition that it should. That alone makes it very dangerous – even more so than the more traditional attacks we know about already.

What is Ransomware?

Ransomware is a singular term that was derived from a combination of two terms: ransom and malware, a type of malicious software that secretly collects information from computers without the owner realizing it.

Ransomware is a kind of attack where the hacker leverages installing the malware on the victim’s computer to hold the end-user at ransom. That is just telling half the story. After all, the victim could just eject the malware by themselves, right?

Wrong!

With malware attacks, the situation is much worse because hacker takes complete control of the computer or network and all of the files on them. These files are then encrypted, which means they are no longer usable, and only unencrypted after the victim pays a ransom.

The growth of untraceable payment methods such as cryptocurrencies has made it harder to track and catch ransomware attackers. They can now get paid and disappear into thin air since cryptocurrency transactions can be completed in complete anonymity.

What to Do Against Ransomware?

Looking at the working model of ransomware, it can be difficult to defend against these attacks. Thus, the best approach remains to make sure they do not happen at all, and prevention should be the first line of defense.

The following tips will ensure greater safety against ransomware attacks.

1. Keep Regular Backups

Organizations and individuals should always have backups of their files – especially the most important ones. A good backup practice is having online backups, which are continuously accessible, as well as offline backups, meaning they are only in use during the backup and restore operations and then turned off. This ensures that even losing one form of backup or access does not mean all the backups are lost.

With backup files on hand, victims do not have to give in to these attackers. They can reset their system from scratch and then restore the most recent backup to recover their files.

2. Avoid Phishing

One of the most interesting things about ransomware attacks is that they seldom occur in isolation. They are usually a combination of other attacks before they happen. This is where phishing attacks come into the mix. These are typically emailed solicitations for private or security-related information and then using that information to perform more invasive attacks.

As a rule, do not click on links in emails, texts, and messages – especially when the email is unsolicited or from an unknown sender.

If it seems like a legitimate email from your bank, work accounts, or any other entity that you have an account with, enter the link manually in your browser. That way, you are sure that you are not being directed to a malicious location where a hacker gets to steal your data. Enough to launch ransomware on you, at least.

3. Secure your Network

Yet another attack that could lead to ransomware are network hacks and breaches. This is one of the reasons why we seriously frown against using free or public Wi-Fi networks for anything at all.

Even when at home or within a trusted building that you conduct business in, we strongly advise the use of a Virtual Private Network (VPN) which is an extra software application that encrypts the connection at both ends of the communication. This secures your internet data whenever you are on the internet, preventing hackers from snooping or hijacking your data is in transit between the sender and receiver.

4. Avoid Untrusted Computer Connections

Refrain from connecting your mobile devices to computers you do not trust. These could be that computer in the library, that random laptop offered to you, etc.

This works both ways too, so ensure no one is plugging or wirelessly using any untrusted computers or devices on your network or your company’s network.

You should also install antivirus software to improve your security profile on this front. These kinds of software will catch most viruses before they get deployed on your devices.

5. Do Not Pay

If ransomware attacks do happen at all, do not pay the hackers. This may be the hardest recommendation to follow, but there are some very good reasons for this.

For one, you would be negotiating with organized crime entities, and history has shown that this rarely ends well. Likewise, hackers are not known to keep their end of the deal. They might just keep access to your files indefinitely and continue to blackmail you for a longer time. They could also use the first demand for a ransom to create a ripple effect for asking for more or worse, sharing their hack with other criminals.

6. Speak to an Expert

Depending on your personal or organizational data needs, there might be various hoops and loops that we did not explore here. Speak with an expert to know how exposed you are. The faster you do that, the faster you can start plugging those leaks before someone else finds them.

Note: This article was submitted by one of our readers. Thank you A.M. for sharing your knowledge & research.