Oct 20

Top Tips to Block Ransomware

Friday 20 Oct 2017

The fact that a particular attack died down does not mean the threat is over. That ransomware code is still around, just waiting for another cybercriminal to tweak it, make it more dangerous, and rerelease it with a new name such as WannaCry.

That means IT pros and service providers must be ever on guard. The good news is with essential protections in place, you can protect your end users and clients from the ongoing ransomware scourge.

Today there are two main styles of ransomware. The more purist version uses generally unbreakable encryption to make the data completely unavailable. The other technique simply locks down the operating system, disallowing access to the user files. Winlocker is an example of this latter approach.

Ransomware can spread in a variety of ways, so a variety of protective measures are required. Ransomware can spread through:

Spam that includes malicious links or attachments
Exploiting vulnerable software such as unpatched operating systems
Code injections into otherwise legitimate websites
Botnets that spread ransomware from machine to machine

Here are top tips to insure you or your clients never run afoul of ransomware.

Keep a Backup

Ransomware works by locking up precious data, and if it is worth enough, you will pay the ransom. Having an up to date backup that is easily accessible and restorable makes that ransom moot. A cloud backup solution is ideal, even if you already have a tier of backup already on-premises.

Restrict User Access and Permissions

The more privileges a system has, the more power the hacker gains by breaking in. Keep admin privileges to a minimum so those that spread ransomware cannot run roughshod. As an admin or MSP, resist the urge to disable User Account Control (UAC)

Use Two-Factor Authentication (2FA)

Often ransomware spreads through credential cracking. Having a second level of authentication can stop that in its tracks.

Use Up to Date Applications and Operating Systems and Keep Them Updated and Patched

Most successful exploits are against unpatched systems, including many ransomware variants. And more recent operating systems and apps are better protected from incursions. Keep your systems up to date, and less vulnerable to attack.

Use antivirus/antimalware software

Ransomware often comes in the form of a virus or malware. With up to date antivirus/antimalware software, these attacks can be automatically detected and the malware quarantined and neutralized.

Here are more tips to stay safe:

Install an ad blocker as pop ups can carry ransomware
Minimize plug-ins such as Java and Flash
Turn off macros in Microsoft Office and other apps
Teach end users to not open suspicious email, open attachments they were not expecting and to not click links in emails they did not ask for.

Proper antivirus and endpoint protection, such as that offered by Pulseway in a neat mobile package, can make the difference between being a ransomware victim or ransomware hero.