Business IT

Ransomware defence guide

By Staff Writers on Apr 26, 2018 12:05AM
Ransomware defence guide

Editor's Picks

Venom BlackBook Zero 15 Phantom

How to Leverage the "Great Resignation"

How to fix crypto's quantum-computing security vulnerability

Transforming healthcare at the edge

Six steps to protecting your PC or network against GoldenEye, WannaCry and other ransomware.

Ransomware is now an ever-present threat, as evidenced by the latest GoldenEye and WannaCry outbreaks, as well as many other active ransomware threats.

See our Ransomware survival guide if you’ve been already infected by ransomware – although it’s far better to avoid that misfortune in the first place.

Thankfully, there are simple, common-sense steps you can take to help avoid ransomware:

  1. Don’t open email attachments from senders you don't recognise, even if they look very convincing
  2. If you receive a document from an unknown source, don’t open it and definitely don’t enable editing in Word as this will allow macros to run, which can be also used to download the ransomware
  3. Avoid clicking links on dubious-looking websites
  4. Make sure that all your software, including installed plugins, is up to date, because as we have seen with WannaCry, hackers use these vulnerabilities to attack your PC
  5. Install security software that can prevent an infection from encrypting files on your PC.
  6. Make sure you regularly back up.
Newsletter Signup

Get the latest business tech news, reviews and guides delivered to your inbox.

I have read and accept the privacy policy and terms and conditions and by submitting my email address I agree to receive the Business IT newsletter and receive special offers on behalf of Business IT, nextmedia and its valued partners. We will not share your details with third parties.

The first two issues can be mitigated to some extent by using an email security service such as MailGuard.

However, the first three measures also rely on the user’s behaviour, so if you’re the owner or IT/security manager of a business, regularly educating staff on these three points should be a key part of your defence plan.

Updating software

WannaCry was rapidly propagated on networks via a Windows server message block vulnerability. That vulnerability was patched by Microsoft in March, yet clearly many organisations had yet to update their systems two months later. 

It’s yet another example of why timely patching applications and operating systems are number two and three on the Australian Signals Directorate’s highly regarded Essential Eight cyber security strategies.

Individual users and small businesses can be protected by turning on automatic updates in Windows and their applications – or accepting updates when prompted to do so – and only using software that’s supported by the vendor.

Large organisations need to have a strategy of patching their systems in a timely manner. Patch management tools or the likes of Flexera Software’s Software Vulnerability Management solution may help.

The ASD discounts the idea that updates must be rigorously tested before they are deployed: “There is often a perception that by patching a system without rigorous testing, something is likely to break on the system. In the majority of cases, patching will not affect the function of an organisation’s ICT system. Balancing the risk between taking weeks to test patches and patching serious vulnerabilities within a two-day timeframe can be the difference between a compromised and a protected system.”

3-2-1 backup!

Most importantly, it’s vital that you back up all your documents and other important files to the cloud and/or another drive not connected to your PC or the network.

That means syncing to a cloud service like Dropbox – on its own – isn’t good enough. As the ASD says in its Essential Eight cyber security strategies, it’s vital to back up to a location that is otherwise not connected to the network or a computer, because ransomware and other malware can “encrypt, corrupt or delete backups that are easily accessible”.

We have published plenty of articles describing ways to back up your systems along with reviews of relevant products. The best advice is to follow the 3-2-1 rule – have at least three copies of your files stored in two different formats, with one copy stored off-site (so, not on your PC or hard drive).

Creating regular images of your drive that you can install in the event of an attack is also worth doing. Beware of using a backup that’s too recent though, in case it contains a copy of the ransomware that attacked the system in the first place.

Install anti-ransomware software

There are several tools from major software security companies that can protect your device from common types of ransomware.

Here are just a few:

  • Avast
  • Bitdefender Anti-Ransomware (or one of its full security suites) 
  • CryptoPrevent 
  • Cybereason RansomFree
  • HitmanPro.Alert
  • Malwarebytes 
  • Microsoft’s Enhanced Mitigation Experience Toolkit (EMET)
  • Trend Micro Ransomware Screen Unlocker Tool (or Trend Micro Security) 
  • Zemana Anti-Malware

Note that this list is by no means comprehensive, and we have not tested the above software. Bear in mind that some need to be run manually (they don't safeguard your system in real time) and most only protect against certain types of ransomware.

We strongly advise looking on anti-ransomware tools as only part of a multi-layered approach to ransomware defence. Don't forget the other five important steps.

This feature is based on an article that originally appeared at IT Pro.

Copyright © ITPro, Dennis Publishing
Tags:
ransomware security smb security guide software tutorial
By Staff Writers
Apr 26 2018
12:05AM
0 Comments

Related Articles

  • How an inside-out approach to data security ensures rapid ransomware recovery
  • How to lock down your web security
  • Why Australia is a testing ground for cyber-criminals
  • Under ransomware DDoS attack? Four tips to help your business navigate
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

Is your phone tapped? 5 ways to identify phone tapping

Is your phone tapped? 5 ways to identify phone tapping
Technology predictions for 2022 and beyond

Technology predictions for 2022 and beyond
The dangers of Apple AirTags and how to ensure you are not being tracked

The dangers of Apple AirTags and how to ensure you are not being tracked
Why organisations don't realise the full value of Microsoft 365

Why organisations don't realise the full value of Microsoft 365

Poll

What would you like to see more of on BiT?
News
Reviews
Features
How To's
Lollies
Photo Galleries
Videos
Opinion
View poll archive
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.