Attacks by ransomware: your computer may be unprotected.
What is ransomware anyway?
Ransomware is a type of malware (malicious software) used by criminals to extort money. It stores data for ransom using encryption or by locking users out of the device.
Summary
First and foremost, this article teaches you everything there is to know about ransomware prevention. We explore the different ways to protect your computer and data from ransomware attacks.
Preventing ransomware attacks
First of all, in this section we provide tips on how to prevent ransomware attacks, from never clicking on unverified links to avoiding the use of unknown USBs. Read on to find out more about ransomware prevention.
In principle, avoid clicking on links in spam emails or on unknown websites. However, downloads that start when you click on malicious links are one way in which your computer can become infected.
Once the ransomware is on your computer, it will encrypt your data or lock your operating system.
As soon as the ransomware has something to keep like "hostage", it will demand a ransom so that you can recover your data.
Paying for these redemptions may seem like the simplest solution, right?
Yet that's exactly what the aggressor wants you to do.
In fact, it's important to bear in mind that paying these ransoms doesn't guarantee that you'll get access to your device or your data again.
Avoid Ransomware: don't open attachments from untrustworthy emails
Another way that ransomware can access your computer is via an email attachment.
First and foremost, don't open email attachments from senders you don't trust. As well as checking who the email is from and confirming that the email address is correct. Similarly, make sure you assess whether an attachment looks genuine before opening it. If you're not sure, contact the person you think sent it and check again.
Never open attachments that ask you to enable macros in order to view them. If the attachment is infected, opening it will execute the malicious macro, giving the malware control over your computer.
Only download from trusted sites
To reduce the risk of downloading ransomware, don't download software or media files from unknown sites, for example.
Also, look for trusted and verified sites if you want to download something, as the most reputable sites will have trust markers that you can recognize. That way, you only have to look in the search bar to see if the site uses 'https' instead of 'http'. A shield or block symbol may also appear in the address bar to check that the site is secure.
If you're downloading something onto your phone, try to download it from reliable sources.
For example: on Android phones, try using the Google Play Store to download your apps, for iPhone users use the App Store.
Avoid providing personal data
First of all, if you receive a call, text or email from an unreliable source asking for personal information, don't give it out.
Cybercriminals planning a ransomware attack may try to obtain personal data in advance of an attack. They can use this information in phishing emails with the aim of targeting you specifically.
So the aim is to convince you to open an infected attachment or link. So don't let the authors get hold of data that makes their trap more convincing.
If you are unexpectedly contacted by a company requesting information, ignore the request and contact the company independently to verify that it is genuine
Use mail server content checking and filtering
Firstly, using content scanning and filtering on mail servers is a smart way to prevent ransomware.
After all, this software reduces the likelihood of a spam email containing malware-infected attachments or links reaching your inbox.
Never use unknown USB's
Without a doubt, never insert USBs or other removal storage devices into your computer if you don't know where they came from. Since cybercriminals may have infected the device with ransomware and left it in a public space to lure you into using it.
Keep your software and operating system up to date
Keeping your software and operating system up to date will help protect you against malware. In this sense, by running an update, you guarantee the benefits of the latest security patches, making it more difficult for cybercriminals to exploit vulnerabilities in the software.
Use a VPN when using public Wi-Fi
Being cautious with public Wi-Fi, in principle, is a sensible measure to take. protection against ransomware.
In short, when you use public Wi-Fi, your computer system is more vulnerable to attacks. However, to stay protected, avoid using public Wi-Fi for confidential transactions or use a secure VPN.
Use security software
As cybercrime becomes more widespread, there is no doubt that the protection against ransomware has never been so crucial. Protect your computer from ransomware with a comprehensive Internet security solution such as FortiClient Endpoint.
In short, when downloading or transmitting, the endpoint blocks the infected files as well as preventing the ransomware from infecting your computer in order to keep the cybercriminals at bay.
Keep security software up to date
So, to benefit from the highest level of protection that Internet security software has to offer, keep it up to date. Each update will include the latest security patches and maximize ransomware prevention.
Do backup of your data
If you face a ransomware attack, your data will remain safe if it is backed up.
Make sure you keep everything backed up on an external hard disk. On the other hand, make sure you disconnect it from your computer when it's not in use. If the hard disk is connected when you fall victim to a ransomware attack, this data will also be encrypted.
Another important point is that cloud storage solutions allow you to revert to previous versions of your files. So if they are encrypted by ransomware, you can revert to an unencrypted version via cloud storage.
How to respond to ransomware attacks
Now you know how to prevent ransomware, but what if you've already fallen victim to a ransomware attack?
In the event of a ransomware attack, it's important to know what to do. Here are some simple steps to follow to minimize the damage.
Isolate your computer
If you face a ransomware attack, the first thing to do is disconnect from any network and the Internet. This isolates the computer and minimizes the chance of the ransomware infection spreading to other computers.
Never pay the ransom
Don't pay any ransom demanded by the cybercriminals carrying out the ransomware attack.
Like a real-life hostage situation, it's best not to negotiate with cybercriminals. Paying the ransom will not guarantee the return of your data - after all these people have already manipulated your trust.
Giving in and paying also encourages this type of crime. The more people pay ransoms, the more popular ransomware attacks become.
Start ransomware removal
To rid your computer of ransomware, follow our simple ransomware removal steps in the section below.
Ransomware removal guide
Follow the ransomware removal steps below to recover from a ransomware attack.
Step 1: Disconnect from the Internet
First, disconnect from the Internet to prevent the ransomware from spreading to other devices.
Step 2: Run a scan using Internet security software
Use the Internet security software you have installed to run a scan. This will help identify any threats. If it detects any risky files, they can be removed or quarantined.
Step 3: Use the ransomware decryption tool
If your computer is infected by encryption ransomware, you will need to use a ransomware decryptor to decrypt your files and data so that you can access them again.
Sophos continuously researches the latest forms of ransomware so that it can create ransomware decoders and then combat each new threat.
Step 4: Restore files from backup
If you have backed up your data externally or in cloud storage, restore a clean backup of all your files on your computer. This allows you to revert to a malware-free version of the software.
If you don't have a backup, wiping your computer and recovering your files will be much more difficult. To prevent this from happening, we recommend doing backup your data regularly . If you are prone to forgetfulness, take advantage of the automatic services of cloud backup or set calendar reminders yourself.
History of ransomware attacks
This article gave ransomware prevention tips, discussed how to deal with ransomware attacks and explained an easy ransomware removal process.
Now, let's explore three recent examples of ransomware. Since understanding how ransomware has spread before will help us understand why the protection against ransomware is so important.
Wolverine's rape
A ransomware attack hit Wolverine Solutions Group (a healthcare provider) in September 2018. The malware encrypted many of the company's files, leaving workers unable to access them.
Fortunately, forensic experts were able to work to decrypt and restore them on October 3rd. However, as a result of the attack, unfortunately a lot of patient data was compromised.
Names, addresses, medical data and other personal information may have fallen into the hands of the cybercriminals who carried out the attack.
Ryuk
Ryuk is a ransomware attack that began in August 2018. It differed from other attacks in the way it was able to encrypt network drives.
As a result, the hackers managed to block the Windows System Restore option, leaving users unable to recover from the attack unless they had an external data backup.
GandCrab
GandCrab is a destructive ransomware attack that occurred in January 2018. It had many versions and became famous as the infection spread rapidly.
The police worked closely with Internet security providers to produce a ransomware decoder to combat the effects of this attack.
