Ransomware is becoming a leading attack that cyber criminals use to extort money from an individual or business. Ransomware basically locks your computer, making it a brick. To get your computer operational again, cyber criminals demand payment from you in bitcoin or another non-traceable currency. The purpose of this Top 5 is to show you how to protect yourself from this negative and costly experience. It's not a matter of if, but when it occurs. Be prepared!
# 5 – Backups
Perform frequent backups of your system and other important files, and verify your backups regularly. If your computer becomes infected with ransomware, you can restore your system to its previous state using your backups.
Best practice is to store your backups on a separate device that cannot be accessed from a network, such as an external hard drive. Once the backup is completed, make sure to disconnect the external hard drive or other separate device from the network or computer.
# 4 – Awareness
Organizations should ensure that they provide cybersecurity awareness training to their personnel. Ideally, organizations will have regular, mandatory cybersecurity awareness training sessions to ensure their personnel are informed about current cybersecurity threats and threat actor techniques. To improve workforce awareness, organizations can test their personnel with phishing assessments that simulate real-world phishing emails.
Be careful when clicking directly on links in emails, even if the sender appears to be someone you know. Attempt to independently verify website addresses (e.g., contact your organization’s helpdesk, search the internet for the sender organization’s website or the topic mentioned in the email). Pay attention to the website addresses you click on, as well as those you enter yourself. Malicious website addresses often appear almost identical to legitimate sites, often using a slight variation in spelling or a different domain.
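The check described above can be partly automated. The following is an added example, not part of the original article: it compares a link's domain against a short list of sites you actually use and flags slight spelling variations or a different domain ending. The trusted list, the function names and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed list of domains the user really does business with (assumption).
TRUSTED = ("example-bank.com", "example.org")

def edit_distance(a, b):
    """Levenshtein distance: number of single-character edits between a and b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete a character
                           cur[j - 1] + 1,             # insert a character
                           prev[j - 1] + (ca != cb)))  # substitute a character
        prev = cur
    return prev[-1]

def split_domain(host):
    """Naive split into (name, ending) from the last two labels.
    Simplification: endings such as co.uk need a public suffix list."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return host.lower(), ""
    return labels[-2], labels[-1]

def classify(url, trusted=TRUSTED, max_distance=2):
    """Return (verdict, matched_trusted_domain_or_None) for a link."""
    host = urlsplit(url).hostname or ""
    name, ending = split_domain(host)
    if f"{name}.{ending}" in trusted:
        return ("trusted", f"{name}.{ending}")
    for t in trusted:
        t_name, t_ending = split_domain(t)
        if name == t_name and ending != t_ending:
            return ("different-domain", t)    # same name, different ending
        if 0 < edit_distance(name, t_name) <= max_distance:
            return ("lookalike-spelling", t)  # slight variation in spelling
    return ("unknown", None)

if __name__ == "__main__":
    for link in ("https://www.example-bank.com/login",   # constructed samples
                 "https://examp1e-bank.com/login",
                 "https://example-bank.net/",
                 "https://unrelated-shop.test/"):
        print(link, "->", classify(link))
```

A verdict of "unknown" only means the domain does not resemble anything on the list; it still needs to be verified independently before you trust it.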
# 3 – Educate
Learning what motivates cyber criminals and how to protect yourself will improve your chances of avoiding ransomware. Ransomware is a form of malware. Educate yourself about malware, phishing, data protection, and what drives cyber criminals.
More protection advice
Apply QA has partnered with Michael Pasono, a leader in data protection and systems quality to publish a book on this very topic. The book is called “Identity and Data Protection for the Average Person” and can be found on Amazon.
Learn about the 3 main attacks that lead to the collection of your personal data. This book reveals many leading best practices for securing your identity and data from being harvested and for limiting your risk of exposure if a data breach occurs.
# 2 – Protection
Most individuals and businesses get infected by ransomware by clicking links they should not. When you click on a link that has malicious intent, a script or program is executed and installs itself in the background of the computer. Most times you are unaware of this. What this exploit does is open your computer up in the background so the cyber criminal can connect and extract your data and/or lock down your computer.
Leveraging anti-virus and malware scanning tools is a good practice to follow.
We recommend checking out the Malwarebytes subscription service (includes 25% savings), which allows for real-time scanning of malware.
# 1 – Too Late
If you do get infected with ransomware, or your malware scanner picks up potential ransomware, do not react emotionally. Follow these steps:
- Home users: immediately contact your local FBI office or local U.S. Secret Service office to request assistance.
- Organizations: immediately report ransomware incidents to your IT helpdesk or security office.
- All users: change all system passwords once the ransomware has been removed. You can submit ransomware files to CISA for analysis via https://www.malware.us-cert.gov/MalwareSubmission/pages/submission.jsf.