How you get infected with ransomware (and what to do about it)
The main ways you get infected with ransomware are email attachments, using the internet, and, to a lesser extent, through hardware (such as USB storage devices). Fortunately, there are steps you can take to protect against all of these. With that in mind, here is a quick guide on how you get infected with ransomware (and what to do about it).
Email may be one of the world’s most convenient means of communication, but that convenience (and affordability) has also made it a tool for malicious actors. Automated email filtering has done a lot to reduce the spread of certain forms of malware. It’s now much more difficult to simply send out a load of malicious emails and hope that some of them hit a target. Automated filters are, however, unable to offer much, if any, protection against targeted social-engineering attacks.
This means that it’s long since stopped being enough to ask people to stop and think before they open email attachments. The hard truth of the matter is that even the best-informed people can be duped. Realistically, the only way to ensure protection against malicious email attachments is to have a policy that all email attachments must be scanned by a reputable anti-malware program before they are opened. This policy needs to be automated to ensure that it is applied every single time without exception (no matter how busy or how senior the recipient).
Surfing the internet
In principle, there are all kinds of ways you can pick up ransomware when surfing the internet. In practice, the big two are social media platforms and malvertising.
Social media platforms have brought a lot of benefits, but they have also brought a lot of traps for the unwary. To be fair, the companies behind them are doing their best to address these. In fact, they need to address them to ensure the long-term survival of their service. In the meantime, however, the onus is still very much on the user to protect themselves.
In the context of picking up ransomware through a social media platform, the main threat is short links. These are convenient. In fact, arguably they are essential on some platforms, such as Twitter, but they also conceal the nature of the link. In principle, it’s easy enough to check the genuine link. In practice, however, very few people are likely to bother, especially not when they’re scrolling through their social media feed on their lunch break.
Malvertising is a relatively new form of threat. It involves buying legitimate advertising space and then using the adverts for malicious purposes. The reason why malvertising is such a threat is that most website owners, even large ones, sell advertising space through agencies. These agencies tend to be all about volume and hence do not necessarily conduct rigorous checks on who is advertising with them or what the advert contains. This means that even reputable, “safe” websites can be compromised.
In principle, the easy way to deal with malvertising is to use an ad-blocker. This is exactly why so many reputable anti-malware products now include them (at least in their paid versions). The problem is that some websites only allow access to their site if the user permits adverts. This means that you need a Plan B and the obvious solution is to use a reputable anti-malware product with an integrated firewall.
It’s currently relatively uncommon for malware to be spread through hardware since it takes more effort (and hence more risk and cost) than spreading it digitally. Ransomware, however, can be very lucrative, which can make it worth the effort. Always remember that robust digital security rests on a foundation of robust physical security. What this means in practice will depend on the device.
For example, with desktop computers, it generally means securing the room in which they are held and securing access to any ports, especially USB ports. For mobile devices, it includes thinking about how they will be charged and avoiding plugging them into external USB ports such as the ones in public charging stations.
Keeping your system safe from ransomware
It is extremely risky to rely on the default security apps bundled with the main operating system. These are better than nothing, but the companies behind them are not dedicated cybersecurity companies and cannot be expected to have the same level of expertise as sector specialists. You need a proper anti-malware program with an integrated firewall from an actual security company.
You also need to be rigorous about ensuring that your operating systems and locally-installed applications are promptly updated.