How to check for ransomware
Ransomware is a relatively new type of malware, but it has already become one of the most damaging cybersecurity threats currently in existence. Internet users need to be extremely vigilant about it. In fact, even if you only go online to check email, you still need to be very careful. With that in mind, here is a quick guide on how to check for ransomware.
Automate your checks as much as possible
In the early days of IT, you could largely avoid malware by exercising a bit of basic caution and common sense. This is still very much recommended, but it’s no longer enough on its own. You now absolutely must have a reputable anti-malware program with an integrated firewall. Your anti-malware product needs to be able to scan both websites and email attachments as these are the most common ways of spreading ransomware.
Be alert to social engineering
Social engineering is the technique of tricking people into taking the actions the fraudster needs them to take. There are numerous approaches to it, but most of them revolve around putting people under some form of pressure to stop them from thinking before they click. This is why people are especially vulnerable to it.
If you’re managing your own computer, then you may want to think about putting some rules in place for yourself to help you to make decisions when you’re under time pressure (or any other pressure). You might want to look at ways to enforce those rules without having to rely on your self-discipline. For example, most browsers will allow you to set rules around privacy and security.
If you’re managing other users then your best approach is to automate first and to educate second. Education will not only support the automated defenses you put in place but will also make people aware of why you are doing what you are doing and hence, hopefully, deal with any resistance to your actions.
In the context of ransomware, you want to look for ways to block not just insecure sites but insecure content on sites that are believed to be secure, automatic downloads, and access to USB devices.
Blocking insecure sites matters because malicious and compromised websites are one of the major sources of ransomware infections. Insecure content on sites that are believed to be secure may be a sign that they have been compromised, possibly by ransomware, if not by something else you want to avoid.
Blocking automatic downloads is hugely important in preventing ransomware because they are an easy way for cybercriminals to attack computers. At present, it is believed that there is no “drive-by” ransomware; in other words, all ransomware has to be downloaded.
Blocking access to USB devices prevents attackers from gaining access to USB storage devices which may be attached to the main device. This stops them from attacking any files stored on these devices, but be aware that it will not prevent encrypted files from being automatically backed up to these devices.
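As an added example (not part of the original article), the Python sketch below audits a managed-browser policy file for the browser-side controls listed above: insecure sites, insecure content and automatic downloads. It assumes Chrome enterprise policy names, and the baseline values and both sample policies are constructed for illustration; USB blocking is an operating-system setting and is not covered.

```python
import json

# Assumed baseline: Chrome enterprise policy name -> values treated as "blocking".
BASELINE = {
    "SafeBrowsingProtectionLevel": {1, 2},    # 1 = standard, 2 = enhanced; 0 = off
    "DefaultInsecureContentSetting": {2},     # 2 = never load mixed content
    "DownloadRestrictions": {1, 2, 3, 4},     # anything except 0 (no restrictions)
    "PromptForDownloadLocation": {True},      # always ask before saving a file
}

# Constructed sample policies (not taken from any real deployment).
SAMPLE_WEAK = """{
  "SafeBrowsingProtectionLevel": 0,
  "DownloadRestrictions": 0,
  "PromptForDownloadLocation": true
}"""
SAMPLE_HARDENED = """{
  "SafeBrowsingProtectionLevel": 1,
  "DefaultInsecureContentSetting": 2,
  "DownloadRestrictions": 4,
  "PromptForDownloadLocation": true
}"""


def _matches(value, allowed):
    # Compare type as well as value so that JSON true is not accepted for 1.
    return any(value == a and type(value) is type(a) for a in allowed)


def audit(policy_text):
    """Return {policy_name: reason} for every control that is missing or weak."""
    policy = json.loads(policy_text)
    findings = {}
    for name, allowed in BASELINE.items():
        if name not in policy:
            findings[name] = "not set, so not enforced"
        elif not _matches(policy[name], allowed):
            findings[name] = f"weak value {policy[name]!r}"
    return findings


if __name__ == "__main__":
    for label, text in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(label, audit(text) or "all controls enforced")
```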
It’s important to keep your operating system(s) and apps updated
One of the major challenges of ransomware is that enough people and organizations pay the ransom to make it possible for its developers to keep updating their software. This means that cybersecurity products, operating systems, and apps all need to keep being updated too.
All of the major operating systems (both desktop and mobile) are vulnerable to ransomware. For completeness, this means not just Windows, but also macOS and Linux, iOS, and Android as well. Microsoft, Apple, and Google are all generally very proactive about not just updating the operating systems they support but about notifying users that the updates are available. With Linux, however, updates may be less frequent and the onus may be more on the user to check for them.
For completeness, it is extremely risky to go on using operating systems after they have ceased to be supported by the developer. If you must do so, then it’s strongly recommended to keep them entirely offline.
Any locally-installed apps will also need to be kept updated as they can also be a source of vulnerability. Cloud-based apps will be updated by the vendor, which is one of their many advantages.
An effective data backup system is your last defense against ransomware
An effective data backup system will not protect you against ransomware itself, but it will mean that if it does strike, all you will need to do is restore from your backup. This is likely to be much less painful than having to choose between taking your chances with paying the ransom and losing access to your files.