How to protect yourself against ransomware!

How to protect yourself against ransomwareWhat is Ransomware

Ransomware is a type of malware (virus program) that tries to extort money from you by locking up all of your programs and data, making them unavailable to you. There are many variants, starting with CryptoLocker, CryptoWall, TeslaWall, KeRanger and many others. They hold your files hostage and hold them for ransom for hundreds if not thousands of dollars.

Most malware is no longer created by bored teenagers looking to cause some chaos. Much of the current malware is now produced by organized crime for profit and is becoming increasingly sophisticated. Criminals are making money hand-over-fist with ransomware and it is on the rise everywhere, even in your city.

Cybercriminals are exploring new ways to make attacks personal in an attempt to get inside the victim’s head. In terms of routines, these crypto-ransomware are getting more creative by using macros and scripts, displaying professional-looking pages, or by adding new functions to put more pressure on their victims.  Ransomware is sophisticated and affects every device connected to the Internet regardless of their make. No operating system is immune, it is a myth to think that your device (Windows, Mac, IOS, Linux, Android) cannot be infected.

Here are some of the current threats that have stood out in the first quarter of 2016:

  • KeRanger becomes the first ransomware that successfully targets Mac OS, IOS.  Several variants have since been reported and it is on the rise.
  • MAKTUBLOCKER sends email messages to targets that contain the users’ full names and mailing addresses in order to appear legitimate and further convince these users into downloading this crypto-ransomware
  • SAMAS/SAMSAM encrypts files across networks, by looking for and attacking systems running vulnerable JBoss web servers
  • CERBER adds a ‘voice’ capability to verbally abuse users into paying the ransom
  • PowerWare abuses Windows PowerShell in order to leave as little trace of infection as possible
  • PETYA overwrites an affected system’s master boot record and locks users out
  • JIGSAW copies all the user’s files, deletes the original ones, and destroys the copies incrementally until the ransom is paid.

New variants are arriving every week and Ransomware is now big business. Ransomware is a low risk, highly profitable business for these criminals.

How to Protect Yourself

 Step1

Reduce the risk of infection.  – Cybercriminals like to trick users into opening an attachment (file, picture, document) from an email or web site they are visiting.  This method is referred to as a phishing attack. Although not the only method used, it is by far the most common and easiest way to infect a device.

The message normally looks like a legitimate message and can be very sophisticated and professional looking. However, some are easy to detect since they have misspelled words or are using recognizable names such as a banks that you do not use, it is from the FBI or that it is from the IRS / CRA agency or that you won something.  The more sophisticated ones are about an outstanding invoice, incoming shipment or some other enticing communication.   In all cases, it is inviting you to click on the link.  When you do, it opens and runs the malware on your device and then scours the network you are connected to and infects every other device it can.

The first line of defense is to educate yourself and your staff about these malwares.  If you are not certain from whom the message is being sent, call them and confirm that the document was legitimately sent by them and is safe.  When an email states it is from somewhere such as your bank, but the email address contains the name of some other organization, be very suspicious, since most likely it is malware.

Get a strong email gateway spam filter installed on your email server.  These spam filters will reduce your chance for malware and spam.   However, they will never protect you 100%.  Cost effective third-party email spam filter services are also available if it is not available from your email provider.  Even if your email provider provides this service, you should supplement it with your own in-house line of defense.  Many anti-virus/antimalware products can provide some level of email spam filtering. Every device on your network should have a modern up-to-date anti-virus/malware software installed. (see Step 3 below for more information).

Step 2

Keep your computers and software up-to-date – Older computers and operating systems or unpatched operating systems and applications can be a source of infections.  Vendors offer important updates, which include security and other critical updates, to help protect you against defects and other security threats that can spread over the Internet or a network.  By insuring that all software is up-to-date will help protect you against malware.

Computers that are over 4 years old should be seriously looked at being replaced.  Not only are the new computers significantly faster, they also provide significant added security features that can help protect your business or home.  Old operating systems should be replaced for the same reason.  Currently Microsoft is offering a Free upgrade to Windows 10 (only available until July 2016), you should act now and upgrade for two basic reasons, one the cost savings (will cost more after July 2016), and second the significant added security and protection it provides.

Step 3

Install a modern anti-virus/malware software –With your computer/devices and your software up-to-date together with a strong e-mail anti-spam filter, your next line of defense is having a modern anti-virus/malware software on all devices. Note the word “modern”, in the previous sentence.  Many anti-virus programs do not provide protection for ransomware or spam.  If yours does not, then consider replacing it with a more modern solution which does. Using an old anti-virus that has not been updated is like having no protection at all.  Modern anti-virus/malware products get updated regularly (hourly) with new versions becoming available every year.  If you are not certain which one to buy, take a look at these web sites which review and rank anti-virus/malware products.  Look for products having anti-ransomware capabilities and protect all the devices you have.

http://www.av-comparatives.org/

https://www.av-test.org/en/

No anti-virus/malware product can totally protect you, that is why the first line of defense is educating yourself and staff about how these threats can affect your business and not automatically opening everything that is presented to you in an email or web site.  If you “think before you act” you will be far ahead in the cybercriminal game.

Accra Med Software Inc. –  Support Team