To protect yourself from ransomware, first, you should know exactly what Ransomware is.
Ransomware is a type of malware that encrypts the data of a computer and demands a ransom (usually paid in CryptoCurrencies) in order to retrieve or unlock the files from the device.
Although Ransomware has been around for decades, they have grown increasingly advanced in the last few years with their capabilities to spread, evade detection, encrypt files, and their ability to force users into paying the ransom.
This is why modern Ransomware is so dangerous, as it is almost impossible to break without completely restoring your files.
There are so many different forms of Ransomware, which use a wide array of areas to attack, such as:
Out of Date Operating System exploits (Windows XP, Vista and un-updated Windows 7 are all known to be vulnerable)
Outdated/Vulnerable Internet Browsers and Extensions
Malicious PDF’s and Zip files sent through email
Unsecure public Wifi
Protecting yourself from Ransomware
Ransomware protection involves keeping good habits when using a computer and the internet.
For example, you should:
Ensure your computer has a Firewall, AntiVirus and reliable AntiMalware programs.
Keep your operating system up to date.
Ensure your software is up to date.
Keep your internet browser and plugins up to date.
With these good housekeeping methods in place, your computer will be protected from most malware, and in the case of an unexpected attack, you’ll be able to restore your files and computer without having to pay a Ransom.
How to protect a business from Ransomware
It’s not enough to just protect your own devices from Ransomware when it comes to business.
Businesses are not exempt from Ransomware, in fact, they are prime targets for Cyber-Criminals. Ransomware costs businesses around the world more than $75 billion per year. It’s important to create safe work processes and a secure environment for workers, both in-office and remote.
Ensuring employees understand basic cybersecurity awareness such as Email Spoofing and the dangers of compromised websites, dangerous downloads and unsecured wifi is a must. Having a company-wide security policy and ensuring that new and old employee’s alike stick to it is essential.
With a business, the network is crucial. One compromised device can cause problems for the entire network. Make sure each computer is secure, with up to date antivirus and malware programs, active firewalls and up to date operating systems.
If ransomware does get past your antivirus, it’s likely that your antivirus update will be able to remove the attacker from your system – However, the problem remains that this does not unencrypt your files. The only reliable guarantee of recovery is maintaining a hardened cloud backup of your important files.
It’s important to back up your data; But backing up to an external hard drive, or even to the cloud is not enough. Some Ransomware is specifically designed to search out backup devices, even over the network and cloud storage. This means everything gets encrypted with little hope of a restore.
Protecting against this can be done through an external backup drive that you can then detach and keep separate from your network or using a secure cloud service such as FilingBox.
FilingBox is a network file server that prevents ransomware attacks. FilingBox operates on your PC as a network drive, but files are only able to be modified when requested via Windows Explorer, which protects them from ransomware attacks that try to encrypt files since it provides files with read-only access.
History of Ransomware
In 2017, the FBI’s Internet Crime Complaint Center received 1,783 ransomware complaints that cost victims over $2.3 million. These, however, are only the tip of the iceberg, according to a report from Sonicwall, 204 million ransomware attacks were seen last year alone.
Ransomware isn’t new, in fact, it has been used for decades, commonly targeting the healthcare industry. According to Becker’s Hospital Review, the first known ransomware attack occurred in 1989! Of course, this first ransomware attack was simple and held many flaws, with attackers writing their own encryption scripts.
Today, however, it has evolved into a much bigger threat, both in terms of accessibility with “off-the-shelf” Ransomware products such as “ransomware-as-a-service” and Ransomware Toolkits that are available to malicious actors, combined with the increased sophistication of these programs.
Ransomware was uncommon, so protection against it wasn’t needed until recently. It was in the mid-2000s that attacks started to become more common as they were able to utilize the extra sophistication in Ransomware tools and encryption algorithms such as RSA encryption.
In 2011, a ransomware worm emerged that imitated the Windows Product Activation notice, making it more difficult for users to tell the difference between genuine notifications and threats.
Between September and December 2013, CryptoLocker infected more than 250,000 systems.
It earned more than $3 million for its creators before the botnet that was used to carry out the attack was taken offline.
Cryptolocker’s files were analyzed and a tool was built to restore encrypted files, however, Ransomware continued to evolve with several imitation Ransomware variants being born that is still unbreakable.
CryptoWall became one of the biggest Ransomware threats and by mid-2015, CryptoWall had extorted over $18 million from victims, pushing the FBI to release a warning about this threat.
In 2015, a group known as the Armada Collective carried out a string of attacks against Greek banks. 20,000 bitcoin (€7m) was demanded from each bank.
Larger companies also face big threats and ransoms have been reported to be as high to $50,000, though a ransomware attack last year against a Los Angeles hospital system, Hollywood Presbyterian Medical Center allegedly demanded a ransom of $3.4 million.
In March of 2016, Petya (now being offered as a ransomware-as-a-service) began to operate.
Petya was incredibly dangerous as it could make a computer completely unusable, replacing its boot record with a ransom note rather than loading.
On Black Friday (November 25) of 2016, the San Francisco Municipal Transportation Agency fell victim to a ransomware attack that disrupted train ticketing and bus management systems.
Attackers demanded 100 Bitcoins as a ransom ($73,000 at the time). SFMTA was able to restore its systems and not pay the ransom, however, it was sobering for many to see.
The systems were down for two days, allowing passengers to ride for free during this time. Mamba or HDDCryptor is thought to be the Ransomware used in this attack.
Ransomware is a terrifying reality in the modern world.
Protecting yourself from Ransomware should be a priority when doing anything online. As we’ve seen, this can be done through the use of antivirus, malware and firewalls, along with a strong external backup.
At FilingBox, we firmly believe that adding the right prevention solution to your workflow is the safest way to protect yourself from ransomware.
Click here to request a free demonstration of the ultimate ransomware prevention solution.
For more details about FilingBox, contact us at firstname.lastname@example.org or call us on +1-813-445-7472.