Ransomware is the hot new trend of 2016, and what an unfortunate fad it is. With high-profile cases coming in from across the globe, it's more important that ever to recognize the very real threat ransomware can pose to you and your business and take precautions to prevent it from happening to you.
While there is no magical solution that is guaranteed to prevent a ransomware disaster, you can stack the odds in your favour by following a few simple tips.
Backup, backup, backup
Ransomware works by holding your data hostage. While having your system encrypted is a huge hassle that will require a full re-install, the real threat is the loss of sensitive data that is irreplaceable or too valuable to lose.
But, they can't hold you hostage if you have it all backed up elsewhere. The hostage-takers lose all of their leverage right then and there. Like holding a gun to a clone's head, the stakes just aren't real if you know if you can just get a perfect replacement from the nearest cloning tube.
Of course, proper backups take work and dedication. One of the key frustrations with ransomware is that several of the most prominent scams like Locky and CryptoFortress actively seek out storage locations and backups to corrupt them as well. That means you have to keep your backups offline, an extra hassle to set-up. The more layers of effort backups take, the less likely they are to be perfectly current. Even with great backup procedures and hygiene, you're still likely to lose some data or time to a ransomware attack. Plus you need to factor in the time and hassle of restoring info after an attack. Even in the best of circumstances, you still lose time and productivity dealing with the issue.
Backups are a great precaution and insurance against ransomware, but they're not a silver bullet either. Think of them as one of your best tools against the threat, but not the only one you need.
Tighten up security
Run through a few quick checks to help ward off ransomware attacks before they even happen. Dial up the anti-spam filters on your email. Many of the most popular email services (such as Gmail) have adjustable degrees of strictness that can be tightened up to provide a more secure email experience. This is one of those things where the hassle of having a too strict filter (having to ask colleagues to resend the occasional mail, missing out on some ad) outweigh the possible negatives (losing all your data in one fell swoop or having to knuckle-under to cybercriminals).
While you're at it, go ahead and disable macros in your MS Office programs. This is something that few people use on a regular basis but creates a massive vulnerability for the unwary. Doc based macros were what exposed millions of Office 365 users to a ransomware attack in June.
You'll also want to make sure you're running a decent anti-virus program. The unfortunate reality is that anti-virus programs are not a guarantee against ransomware attacks, but they can help you limit the damage. Programs that are designed to quarantine and isolate sensitive information can be a real relief when you realize you've been compromised.
Patch yourself up
Yes, yes, this is the standard advice that is doled out with every blog about security. But, it's only so common because it's genuinely important. Patch. Everything.
Make sure you're running the latest version of your favourite browser. Unpatched and out of date browsers are like a screen door being battered around by the wind when it comes to system security. If you're running an out of date browser, your odds of exposure increase dramatically. Same with unpatched versions of Flash and Java. While it can be a hassle to respond to those naggy "please update and restart!” messages, they're essential to making sure you aren't leaving any easily exploitable vulnerabilities for hackers to take advantage of.
Obviously, this goes for your anti-virus program as well. New forms of ransomware are being developed every day and cyber security companies are doing everything they can to keep up. But all that work won't help you if you don't take the time to update the version you're running.
Keep your eyes open
You are still the most important line of defense when it comes to cyber security. You're also the weakest link. While ransomware is by nature a sophisticated computer crime, it still relies on very human vulnerabilities and accidents to gain a foothold in a system.
Most ransomware is distributed like countless viruses before it have been. Through shifty email attachments, links to malicious sites, and hidden secondary executables in pirated software. These all rely on the user making some kind of mistake. Clicking on a link because it looks credible. Downloading an attachment from someone they don't know. Grabbing the wrong warez file from a shady torrent site.
A solid understanding and awareness of how computer viruses get introduced to a system and what you can do to avoid them goes a long way to avoiding a ransomware attack in the first place. When education and awareness is combined with the above mentioned steps, you're as close to bulletproof as it gets when it comes to ransomware attacks.