Ransomware searches for vulnerabilities in your software and operating system to find a way in and carry out its malicious plans. The WannaCry ransomware exploited a security hole in the Windows operating system to spread across networks.
Vulnerabilities can be found in anything, like your email client, internet browser, server, and nearly any other software that connects to the vast internet. Vendors issue patches for their software very regularly, which you should install as soon as possible, as inconvenient as it may seem. It’s better to be safe than sorry.
Want an example? Microsoft had issued a patch for the vulnerability a month before the WannaCry attack, but unfortunately, hundreds of thousands of computers hadn’t installed it.
With an antivirus—which you should definitely have, by the way—make sure that it’s set to automatically install the latest updates.
If you’re using an outdated operating system that is no longer supported, seriously consider upgrading to a newer version as well.
As long as you’re connected to that pesky internet, there’s no such thing as absolute security. Even networks and computers that aren’t connected to the internet (air-gapped systems) aren’t absolutely secure.
An up-to-date antivirus unfortunately can’t protect you against the thousands of unknown viruses that are created every day, and a patched system won’t stop a zero-day attack (an attack that exploits a vulnerability that isn’t publicly known).
Therefore, you should try to plug the holes in your network as best you can. All major operating systems usually come with easy-to-use and pretty effective firewalls. Make sure that firewall is always turned on, and only open ports that you absolutely need.
With that being said, turn off operating system features and software that you don’t need. That includes file-sharing services and browser plugins like Flash and Java, which are rife with security holes.
Another smart measure that can reduce your attack surface is keeping your work on a limited account as opposed to an administrative account. By not using an administrative account, you’ll limit what the malware can access in the unfortunate case it does strike.
Attackers often use phishing to deliver ransomware. Phishing is a type of scam that involves targeting victims with legitimate-looking messages that contain malicious links or infected attachments. Since the targets think the email comes from a trustworthy source, they’ll download and open the attachment, which will then deliver the ransomware.
So be very careful with the emails you receive, and don’t open any attachments unless you’re absolutely certain of the source. In case there’s any doubt, use the phone or social media to verify the authenticity of the message with the sender.
You should be very wary of certain file formats, including Microsoft Office documents (.doc, .xls), executables (.exe, .bat), and compressed archives (.zip, .rar). Cybercriminals commonly use Word macros to perform ransomware attacks.
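The attachment checks described above can be automated before a message is ever opened. The following is an added example, not code from the original article: it parses a raw e-mail with Python's standard library, flags the file types listed above, looks inside ZIP archives, and detects macro-enabled Office files by the `vbaProject.bin` part that modern Office formats use to store VBA. The function names and the sample message are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions the article tells readers to be wary of.
RISKY_EXT = {".doc", ".xls", ".exe", ".bat", ".zip", ".rar"}

def ext(name):  # lower-cased final extension, '' when the name has none
    return "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""

def inspect_attachment(name, data):
    """Return the reasons an attachment deserves caution (empty list if none)."""
    reasons = []
    if ext(name) in RISKY_EXT:
        reasons.append(f"risky extension {ext(name)}")
    if data[:2] == b"PK":  # ZIP container: archives and modern Office files
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for member in zf.namelist():
                    if member.lower().endswith("vbaproject.bin"):
                        reasons.append("Office document carries VBA macros")
                    elif ext(member) in RISKY_EXT:
                        reasons.append(f"archive contains {member}")
        except zipfile.BadZipFile:
            reasons.append("unreadable archive")
    return reasons

def triage_message(raw):
    """Map each attachment filename in a raw e-mail to its list of reasons."""
    parts = message_from_bytes(raw, policy=policy.default).iter_attachments()
    return {p.get_filename(): inspect_attachment(
        p.get_filename(), p.get_payload(decode=True) or b"") for p in parts}

def build_sample():
    """Constructed sample message; every attachment holds harmless bytes."""
    def zipped(member):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr(member, "constructed placeholder")
        return buf.getvalue()
    msg = EmailMessage()
    msg["Subject"] = "Invoice (constructed sample)"
    msg.set_content("See attached.")
    for name, data in [("invoice.zip", zipped("invoice.bat")),
                       ("report.docx", zipped("word/vbaProject.bin")),
                       ("notes.txt", b"holiday notes")]:
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

Calling `triage_message(build_sample())` flags `invoice.zip` and `report.docx` and leaves `notes.txt` clean. Legacy `.doc` and `.xls` files are flagged by extension only, since their macro storage is not parsed here.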
You should always be prepared for the worst coming to pass. While there have been certain scenarios where ransomware encryption has been successfully reversed at no consequence, for the most part, nothing short of paying the attackers will decrypt your files. Ain’t nobody got time for that.
That is exactly why you should always keep solid backups of your files. For files that don’t need to be modified, such as pictures and videos, you can use old-school DVDs. For other types, you can use other removable media, such as thumb drives.
External drives can work well, but they’ll be useless if they’re connected to your computer when it becomes infected. Sorry.
Cloud backups are good too as long as you make sure they aren’t mapped to local drives. Ransomware can go through all your local drives and encrypt their content, whether they’re on your hard drive or in the cloud.
Lastly, be careful when storing your archives in shared folders. Certain breeds of ransomware will scan your network and find unmapped shared folders and encrypt their content too.