What really is Ransomware?

04 Jan
Industry

We’re writing this post specifically for the people who have absolutely no idea what ransomware is, or those who have heard the buzz word but don’t really know what it means.

It’s easy to read the word, and assume a definition, but can you really sit there and say you know EXACTLY what ransomware is? Don’t fret. We will explain in a practical, not technical language that you can easily understand, we will also help you protect against and prevent this type of attack.

What is ransomware?

Ransomware is one of the most damaging threats that internet users face. Ever since the infamous CryptoLocker first appeared in 2013, there has been a new era of file-encrypting ransomware delivered through malicious emails or websites, phishing attacks and exploit kits aimed at collecting money from home users and businesses alike.

average-ransom-300-en-1By definition, ransomware is ‘a type of malicious software designed to block access to a computer system until a sum of money is paid.’ Pretty simple, right?

Once the files are encrypted, the user will be unable to open or use the files, essentially you will be completely blocked from accessing them anymore. That is until the hacker demands a ransom be paid in exchange for the encryption key. On average, it will likely cost you $300 for this key. Yikes.

Nine best security practices to apply now

Thanks to Sophos, there’s hope to remain secure and prevent a ransomware attack. Staying secure against ransomware isn’t just about having the latest security solutions. Good IT security practices, including regular training for employees, are essential components of every single security setup.

 

Make sure you’re following these nine best practices:

1. Backup regularly and keep a recent backup copy off-line and off-site There are dozens of ways other than ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. Encrypt your backup and you won’t have to worry about the backup device falling into the wrong hands.

2. Enable file extensions The default Windows setting is to have file extensions disabled, meaning you have to rely on the file thumbnail to identify it. Enabling extensions makes it much easier to spot file types that wouldn’t commonly be sent to you and your users, such as JavaScript.

3. Open JavaScript (.JS) files in Notepad Opening a JavaScript file in Notepad blocks it from running any malicious scripts and allows you to examine the file contents.

4. Don’t enable macros in document attachments received via email Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of infections rely on persuading you to turn macros back on, so don’t do it!

5. Be cautious about unsolicited attachments The crooks are relying on the dilemma that you shouldn’t open a document until you are sure it’s one you want, but you can’t tell if it’s one you want until you open it. If in doubt leave it out.

6. Don’t give yourself more login power than you need Don’t stay logged in as an administrator any longer than is strictly necessary and avoid browsing, opening documents or other regular work activities while you have administrator rights.

7. Consider installing the Microsoft Office viewers These viewer applications let you see what documents look like without opening them in Word or Excel. In particular, the viewer software doesn’t support macros, so you can’t enable them by mistake!

8. Patch early, patch often Malware that doesn’t come in via a document often relies on security bugs in popular applications, including Microsoft Office, your browser, Flash and more. The sooner you patch, the fewer holes there are to be exploited.

9. Stay up-to-date with new security features in your business applications For example Office 2016 now includes a control called “Block macros from running in Office files from the internet”, which helps protect against external malicious content without stopping you using macros internally.

Connect with Secure Sense to protect data, your network, and systems 24/7, 365 days a year. If you have questions or want to learn more, please contact Secure Sense by calling 866-999-7506.

You can find Secure Sense on Facebook,  LinkedIn and Twitter. Follow us for current company and industry news.

SOURCE 1
SOURCE 2