How to protect yourself against a Trojan ransomware attack
In cybersecurity terms, a “Trojan” is simply a form of malware that relies on tricking a user into activating it. Trojans can be used for many purposes, including spreading ransomware. Ransomware is essentially a form of malware that tries to make its victim pay the attacker to solve a problem. There is already a significant quantity of ransomware in circulation and more is being created all the time. With that in mind, here is a quick guide on how to protect yourself against a Trojan ransomware attack.
Understand the main forms of Trojan ransomware
Trojan ransomware comes in three main forms: scareware, lockware, and encryption ransomware. Scareware and lockware are both essentially intimidation tactics. Scareware is nothing more than an intimidating message with a demand for payment. Lockware really does create a problem in that it locks you out of your computer, but it can generally be bypassed easily by booting into safe mode and either running an anti-malware scan or restoring to an earlier time point and then running an anti-malware scan.
Encryption ransomware, however, genuinely does encrypt files. This means that even when you have removed the initial infection (which is usually just a matter of running an anti-malware scan), you still have to deal with the damage it has caused. The only guaranteed way of regaining access to your files is to restore from a data backup. This is one of the many reasons why it is essential to have a robust data backup process in place.
Preventing Trojan ransomware attacks
Your number one priority should always be to stop Trojan ransomware (or any malware) from getting into your system at all. Realistically, however, even with the best defenses in the world, you can never be 100% sure that you have eliminated all points of entry. That being so, you need to work on the assumption that a Trojan ransomware attack is going to happen at some point and hence you need to be ready to deal with it.
There are two key precautions you absolutely must take. The first is to store your data encrypted and the second is to make sure that you have an off-site data backup. If you’re in the cloud, this means in another cloud (or off-line). Neither of these precautions will protect you from Trojan ransomware. Each of them will, however, help to mitigate the consequences of an attack.
Encrypting your data (or at least your sensitive data) will stop you from needing to worry about data theft. This must be one of your most significant concerns. Even if you pay the ransom, the cyberattackers may still use or sell your data. They may just do so discreetly so you only find out about it much later. If you don’t pay the ransom, the cyberattackers may just make their money by using or selling your data or they may expose it to embarrass you.
Local data backups are very vulnerable to compromise if the local production system is attacked. That’s why it’s important to have an entirely separate backup system. Ideally, you will also keep data backups from different time points, just in case it takes you a while to detect the encryption. As a bonus, this will also lay the foundation for a business-continuity/disaster-recovery solution.
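One way to choose a restore point when the encryption went unnoticed for a while, as an added example that is not part of the original article: it compares consecutive backup snapshots and returns the newest one taken before most files were rewritten as high-entropy data. The thresholds, snapshot labels and file contents are constructed assumptions.

```python
import hashlib
import math
from collections import Counter

HIGH_ENTROPY = 7.5  # bits per byte; assumed threshold, tune for your own data
MASS_CHANGE = 0.5   # assumed: over half the files rewritten as random-looking data

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def suspect_fraction(prev: dict, cur: dict) -> float:
    """Share of files in cur that are new or changed since prev AND look random."""
    if not cur:
        return 0.0
    hits = sum(1 for name, body in cur.items()
               if prev.get(name) != body and entropy(body) > HIGH_ENTROPY)
    return hits / len(cur)

def latest_clean_snapshot(snapshots):
    """snapshots: list of (label, {filename: bytes}), oldest first.
    Returns the newest label before the first mass rewrite, or None."""
    clean, prev = None, {}
    for label, files in snapshots:
        if suspect_fraction(prev, files) > MASS_CHANGE:
            return clean  # this snapshot and all later ones are suspect
        clean, prev = label, files
    return clean

def fake_ciphertext(seed: str, size: int = 4096) -> bytes:
    """Constructed stand-in for encrypted data: deterministic random-looking bytes."""
    blocks = (hashlib.sha256(f"{seed}{i}".encode()).digest() for i in range(size // 32 + 1))
    return b"".join(blocks)[:size]

# Constructed sample: two normal days, then every file replaced by a ".locked" copy.
DOCS = {f"report{i}.txt": (f"Quarterly report {i}\n" * 200).encode() for i in range(4)}
EDITED = dict(DOCS, **{"report1.txt": b"Revised figures\n" * 200})
LOCKED = {name + ".locked": fake_ciphertext(name) for name in EDITED}
SNAPSHOTS = [("mon", DOCS), ("tue", EDITED), ("wed", LOCKED), ("thu", LOCKED)]

if __name__ == "__main__":
    print(latest_clean_snapshot(SNAPSHOTS))
```

Compressed archives and media files are also high-entropy, so treat a flagged snapshot as a prompt for manual review rather than proof of encryption.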
Trojan Ransomware: Encryption ransomware
Modern cybersecurity rests on three main pillars. Firstly, you need a reputable anti-malware program with an integrated firewall. It is extremely risky to rely on the security apps provided with the main operating systems. None of the companies behind them are security specialists and hence cannot be expected to have the same level of expertise as the dedicated security companies.
Secondly, you need to be scrupulous about applying security-related updates promptly to all operating systems and to any locally-installed apps you still use. Cloud-based apps will be updated by the vendor. Some companies may wish to hold off applying updates for a day or two so they can look out for feedback on whether other users have had any problems with them. Remember, however, that this is a trade-off between convenience and security.
Thirdly, you need to practice/enforce the safe use of computers (and mobile devices). These days, that doesn’t “just” mean safe-surfing and emailing (although that’s obviously a huge part of it); you need to think about physical safety as well.
For example, it’s generally advisable to restrict what devices can use USB ports on your own machines and to do as much as possible to stop your devices being plugged into external hardware, for example by using charging banks instead of public charging stations.