What is Ransomware?

Ransomware

Ransomware covers various types of malware that, once they attack, either lock your device or encrypt your files in a usually non-reversible way, and then request payment to give their victims the key(s) to unlock their files.

What can I do to protect myself?

The biggest risk factor for contracting them is how you use your devices. Be more cautious with email attachments, suspicious links, suspicious apps and pop-ups. Nearly all systems ask you to verify whether to run or install a program. Do not install applications that are not trusted or that come from untrusted sources. If you really must, then make sure you have an active antimalware solution installed. Passive ones can often be too late, as they often do not prevent an infection.

 

  • Always keep backups on a disconnected drive. An online drive also works, but make sure your cloud storage password is not available on your system, or the attacker could also encrypt those files, unless the cloud provider allows version-controlled backups. Use a unique but complex and strong password. If you're unsure how to create one you can easily remember, read this.
  • Use an active antimalware tool that goes beyond malware signatures, such as our partner Bitdefender or Webroot's equivalent solutions. Bitdefender's antiransomware vaccine is also a good free way to protect the weakest link, namely Windows machines: it tricks the ransomware into thinking your system has already been infected and uses some other tricks to block it from the system. It can protect against known and possible future versions of the CTB-Locker, Locky and TeslaCrypt crypto ransomware families by exploiting flaws in their spreading methods. You can download this from Bitdefender here. For more complex or business installations, arrange a consultation with us to talk about how to protect your whole infrastructure and all devices using Bitdefender's #1 rated antimalware engine.

  • If I contract a ransomware infection, do you recommend paying the criminal?
    If you can avoid it, don't pay, or you're helping spread it and its practices. Check whether you have all the files you need in your backups or with your online storage provider; in some cases, even if the attacker compromises that too, you may be able to recover earlier versions from before the attack. Contact your cloud storage provider for more details.
  • Why are AV solutions so poor at blocking ransomware?
    A lot is indeed blocked, but they can't block every ransomware, only older versions or what is similar to them. So a new brand might get past the protection. The vaccine tool offers an extra layer, but can't guarantee 100%; the weakest link is you, the user. Be more mindful of how you use your devices: do not run or install anything, and definitely do not give administrative privileges when asked, if you are unsure. We're here to help; seek out more knowledgeable contacts in your network. Or, if you lack those, feel free to read more in our IT Support section.
  • If you have an unlocked phone, in no situation give an illegitimate app full administrator privileges. If you see ransomware trying to lock you out of your phone, reach out to a more knowledgeable contact. If you do not have a rooted/hacked device, then there are ways to uninstall the malware from recovery mode.
  • Use complex user passwords to protect network shared resources, or turn them off and find another way to share files on networks through software apps that use good encryption. Some versions of this type of malware will scan and attach, and also encrypt network shares.
  • Don't be too worried, though, about fake ransomware that pretends to lock your browser; it is much easier to get rid of. It lives only inside your browser and can often be cleared by simply resetting your browser, either directly or with a utility if you're not already a Bitdefender user. In some cases, phishing attacks may be trying to trick you into installing something that will then be the real source of an attack. Be skeptical of popups and messages.
  • Cloud service providers have to be very mindful, as there are versions of these attacks that could affect their cumulative user base. Let us know if you'd like more information on this by contacting us.