Security - Beware the Rise of Ransomware.

Search through

and through

and in

with

order by

Go >>

<< Back

1 2 3 4 5

articles per Page.

Beware, the Rise of Ransomware

What is ransomware?

Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid. More modern ransomware families, collectively categorized as crypto-ransomware, encrypt certain file types on infected systems and forces users to pay the ransom through certain online payment methods to get a decrypt key.

How do you get infected with ransomware?

Users may encounter this threat through a variety of means. Ransomware can be downloaded onto systems when unwitting users visit malicious or compromised websites. It can also arrive as a payload either dropped or downloaded by other malware. Some ransomware are known to be delivered as attachments from spammed email, downloaded from malicious pages through malvertisements, or dropped by exploit kits onto vulnerable systems.

Ransomware: What choice do you have?

So many organizations have found themselves between a rock and a hard place upon being infected by ransomware. They don't necessarily want to pay the ransom, but if the data at stake is worth more or about the same amount money being demanded by hackers, what choice do they have?

More importantly, who's to say that they will actually decrypt the files once the ransom is paid?

What can you do to shield your systems?

1. First and foremost, be sure to back up your most important files on a regular basis.
Ideally, the best defense against ransomware is to outwit attackers by not being vulnerable to their threats in the first place. This means backing up important data regularly, so that even if your computers get locked, you won’t be forced to pay to see your data again. Store one copy in the cloud, resorting to services like Dropbox, and the other on offline physical media, such as a portable hard drives.

2. Use a reputable security suite
It is always a good idea to have both anti-malware software and a software firewall to help you identify threats or suspicious behavior. Malware authors frequently send out new variants, to try to avoid detection, so this is why it is important to have both layers of protection. And at this point, most malware relies on remote instructions to carry out their misdeeds. If you run across a ransomware variant that is so new that it gets past anti-malware software, it may still be caught by a firewall when it attempts to connect with its Command and Control (C&C) server to receive instructions for encrypting your files.

3. Refrain from opening attachments in emails that look suspicious.
Not only does this apply to messages sent by unfamiliar people but also to senders who you believe are your acquaintances. Phishing emails may masquerade as notifications from a delivery service, an e-commerce resource, a law enforcement agency, or a banking institution.

3. Think twice before clicking.
Dangerous hyperlinks can be received via social networks or instant messengers, and the senders are likely to be people you trust, including your friends or colleagues. For this attack to be deployed, cybercriminals compromise their accounts and submit bad links to as many people as possible.

4. Patch and keep your operating system, antivirus, browsers, Adobe Flash Player, Java, and other software up-to-date.
This habit can prevent compromises via exploit kits.

5. Install a web browser add-on to block popups.
Web browser popups can also be used as an entry point for ransom Trojan attacks.

6. Use the Cryptolocker Prevention Kit.
The Cryptolocker Prevention Kit is a tool (Free and Premium Editions) created by FoolishIT that automates the process of making a Group Policy to disable files running from the App Data and Local App Data folders, as well as disabling executable files from running from the Temp directory of various unzipping utilities. This tool is updated as new techniques are discovered for Cryptolocker, so you will want to check in periodically to make sure you have the latest version.

If you need help setting up, see our guide below.

7. Install Cybereason RansomFree.
The RansomFree is a new free tool that runs in the background, constantly watching for possible threats that try to access your files. It even sets-up 'Honeytraps' in order to make ransomware give itself away, then instantly killing the ransomware.

Unlike antivirus, this program doesn't need definitions to detect ransomware, which could mean it can stop ransomware that as yet has not been identified.

The install process is very straight forward and does not need any configuring. Simply download from here, then run the installer and your done.

8. In the event a suspicious process is spotted on your computer, instantly turn off the Internet connection.
This is particularly efficient on an early stage of the attack because the ransomware won’t get the chance to establish a connection with its Command and Control server and thus cannot complete the encryption routine.

Stay protected, stay safe oline.

Ransomware is definitely today’s number one cyber peril due to the damage it causes and the prevalence factor, the countermeasures above are a must. Otherwise, your most important files could be completely lost.

The key recommendation, though, is the one about backups – offline or in the cloud. In this scenario, the recovery consists of removing the ransom Trojan and transferring data from the backup storage.

Currently, dealing with the consequences of ransomware isn’t very promising from the file decryption perspective. That is why thwarting the virus attack can save you a pretty penny and guarantee peace of mind.

Setting up the Cryptolocker Prevention Kit.

Firstly go to the website to download your chosen version of the Cryptolocker Prevention Kit. Remember where it downloads to.

Now go to where the CryptoPreventSetup.zip file downloaded and right click on it.
Choose 'Extract Here' to get the install file from the compressed zip file.

Now you should see the CryptoPreventSetup.exe install program appear.
Double click on the CryptoPreventSetup file to start the install.

Now lets follow the install wizard through, click on Next.

Click on to accept to the agreement, and click on Next.

Leave the shortcut on Desktop box ticked and click next again.

Now we are ready for the install, click on Install to continue.

Once the install completes, leave the option Run CryptoPrevent ticked and click on Finish.

The CryptoPrevent program will now start. If you have purchased a premium version, click 'Yes' otherwise if running the free version click 'No'.

Click OK to continue.

Select your level of protection. If you want to just set it up and forget about it choose 'Default'. If you want 'Maximum' protection CryptoPrevent offers, select that. Remember if installing or uninstalling software you will need to come back and change settings to none before doing so. Then after uninstalling or installing re-enabling CryptoPrevent protection.

Finally click on 'Apply Protection Plan' and once settings are set restart computer at the prompt.

Note: If running the free version remember to start the CryptoPrevent program and click on the 'Updates' tab and click on the 'Check for Updates Now' regularly to stay fully protected with the latest threats.

I hope this helps and stay safe online.

<< Back