How To Protect Yourself From Being Ransomware Victim?
The world has experienced a major ransomware attack involving countries like UK, Russia, India and China where around 45,000 attacks were recorded which may have originated from the distribution of the NSA hacking tool. Reuters reported the ransomware called “WannaCry” demanded payments between $300(approx Rs 19000/-) to $600 (approx Rs 39000/-) in bitcoin to unlock data on a single system. Well, all this pain is serious and maybe avoided with certain precautions.
According to many cyber security experts, the attacks prove the importance of updating the computer operating systems and security software for businesses and other large organisations.
The recent attacks largely infected networks using outdated software such as Windows XP which Microsoft has already stopped giving Technical Support.
Dan Wire, a spokesman for security firm FireEye said – “There’s some truth to the idea that people are always going to hack themselves. You’ve got to keep your systems updated.”
Usually, hackers use email links as baits, where users click on the infected attachments or they simply take advantage of outdated and vulnerable systems. In terms of the severity, the attacks carried out this weekend were extremely lethal as it infected all other computers on a network even if just one user clicked a bad link or attachment.
How to protect yourself from being ransomware victim?
1.Lawrence Abrams a reputed blogger from New York who runs BleepingComputer.com said – “Many organisations don’t install security upgrades because they’re worried about triggering bugs, or they can’t afford the downtime.” According to him, backups are helpful in situations like this but sadly not many have them. Either the backups are outdated or missing critical information. He suggests a recovery in case of this attack would be worth trying to recover the “shadow volume” copies some versions of Windows have.
We would say you are lucky if your problems are fixed as some ransomware at times also target backup files as well.
It is important to have copies of backup onsite, offsite which includes physical disk drives and cloud locations. The backup frequency should be regular and at frequent intervals. It’s always advisable to take backups on external media which remains entirely disconnected from your network.
2. The reasons for the ransomware to have such a huge influence on networks across the world was a huge security hole in Microsoft Windows, negligence on the part of users not updating the Windows March patch and of course, the malware was designed to spread quickly once inside the university, business and government networks. Though updating the software will take care of some vulnerability.
The system mostly hit were the ones using Windows XP, Windows 7 and Windows 8, Microsoft has stopped providing service to all these versions a year ago. Since the magnitude of the attack was so huge Microsoft in a move to control the bleeding released a patch for older systems.
Reacting to the event Darien Huss, a senior security research engineer for cyber security firm Proofpoint, who helped stem the reach of the weekend attack said –
“Hopefully people are learning how important it is to apply these patches. I hope that if another attack occurs, the damage will be a lot less.”
Another cyber security expert Cynthia Larose at Mintz Levin said – “There’s a lot of older Windows products out there that are ‘end of life’ and nobody’s bothered to take them out of service,”
3. Though this is a known practice yet many users fail to comply using antivirus software. It is always advisable to install antivirus and keep it updated to protect your computer systems from known viruses. It is a known fact cyber criminals always on the lookout for taking advantage of less tech-savvy users with such known viruses, though malware is constantly changing and at times antivirus fail to detect the latest malware at times.
4. Setting up a basic protocol for the organisation and its employees not to click questionable links and open suspicious attachments can save a lot of trouble. Putting network accessibility restriction in place and discouraging unwanted access to parts of the network that aren’t critical to their work. These precautions will help control the spread of the ransomware in the case of a hacker attack.
5. In case of a ransomware attack disconnecting or shutting down a network can prove to be helpful in preventing it from infecting more files. Though hackers will encourage you to keep your computers on and linked to the network.
Most of the law enforcing and cyber security agencies discourage organisations from paying ransoms as it gives incentives to hackers who will be further empowered to pay for their future attacks. 100% restoration is also not guaranteed yet some organisations end up paying the ransom as they don’t have updated backups and wish to regain access to the critical data files having consumer data and avoid public embarrassment.