By David Wood, Director of Global Sales at Chetu, Inc.
Ransomware is one of the cruelest pieces of malware around. It makes it so you cannot access anything on your computer, tablet, or phone. It encrypts everything! Then, the perpetrators ask for money, usually untraceable cryptocurrency like Bitcoin, and if you pay, they will supposedly give you the key to decrypt your files. There’s nothing to say, though, that these disagreeable folks will give you the key. The payments usually range from hundreds to thousands of dollars. Despite online evildoers branching out into other methods, ransomware attacks rose in 2018. You must take action to safeguard both your data and your ability to operate. Here’s how:
Back up your files both locally and in the cloud
If attackers encrypt everything you have and ask for money, you can always restore your data from a backed-up source. You should choose several backup options. First, back up your files locally. Windows 10 offers you the chance to do this through its “Backup and Restore” feature. This creates a full system image that you can re-install after a ransomware attack. You can even create a Windows repair disk that will help you through it.
Better still, perform a full disk clone. You’ll need a hard drive at least as big as the one on your computer to do this because it will copy everything from your hard drive. If someone does something nefarious to your computer, you can use the image to recreate the system at the time of backup. It’s a good idea to do this on a regular basis. Monthly, or even weekly, would be just right if you have sensitive data to protect.
You should also choose multiple sites in the cloud. There are a half-dozen famous cloud computing choices for doing this, and even though they only give you about 2 GB for free, you can easily purchase more from them inexpensively. They are limited, however, so you should also engage a professional online backup service.
It is important to note that you should create two separate backups: one that restores the computer to the factory settings and one that creates a recent image. Redundancy is a key component in keeping your data safe.
Segment your network
Network segmentation is the concept of separating portions of your data from each other for protection. Even though the more segmented a network is, the safer it is, you have to be careful not to segment the network to the point that you lose either efficiency or functionality.
The chief security benefit is that a break-in anywhere in your network will be contained. The attacker won’t be able to access the entire system, nor will the attacker be able to affect other areas of the system from the place of the break-in.
Taken to extremes, which might be necessary in cases of ultra-sensitive material, you can also segment the network from the internet itself and have it function completely internally. That way, the only way to access the system is from inside the company. It’s the ultimate fraud protection.
Update and patch your computer
Updating to the latest version of your operating system and installing all patches is a necessary bulwark in your line of defense against attackers. Five or six years ago, one in 10 computers was running without proper patches. That’s an open invitation to attackers.
When you operate a large network, it’s entirely possible that certain components on that network don’t have the right version of the software, are lacking the correct patches to fix back doors and other bugs, or don’t even have any protection at all. What you have to do is take stock.
That involves scanning everything. You have to know which computers, servers, and other components on the network need an upgrade, patching, or complete reprogramming. Once you know what’s what, you can begin the updating process. While doing so, you should segment the network.
Open email attachments with caution
It should go without saying, but you can never be too careful when opening email attachments. This maxim applies even when it comes to internal emails from people whom you trust. The best defense is to trust your instinct. If something doesn’t seem right, delete the email and send a message to the sender. Ask that person, “Did you send me an email with an attachment?” If the answer is yes, simply explain that something did not seem right and that you deleted it. Ask for a resend.
If you don’t feel comfortable deleting an email from your boss, for example, you can do the following instead. Save the attachment to your desktop instead of opening it. Scan it by itself with your antivirus software. If it comes back clean, open the attachment. Be sure your security software is both fully up-to-date and configured correctly with proper signatures.
Use caution with links and when entering website addresses
These areas are most important when you make online payments or enter other sensitive information online. Links in emails are possibly even more dangerous than attachments. A sophisticated phisher, for example, can make a link look as though it belongs to any widely recognized company or online-payment method.
The best way to combat this method is to copy and paste the link into your browser. That way, you’ll see if it’s real or if it’s fake. A good rule of thumb is: if you were not expecting a link in an email, never click on it. Do the “copy-paste trick.”
About the Author
David Wood is a Director of Global Sales at Chetu. His primary responsibilities are to lead, track, and manage technical teams that create custom software solutions within the IT security industry. His background includes energy and diverse commercial organizations.
David can be reached online at https://www.linkedin.com/in/davewooda and at our company website http://www.chetu.com/.