How to protect a computer from ransomware
Ransomware may be the most hated form of malware currently in existence. It’s easy to see why. A cybercriminal basically taunts the victim with the prospect of getting back what is rightfully theirs but does not make any promises about it. The best way to deal with ransomware is to avoid getting it in the first place. With that in mind, here is a guide on how to protect a computer from ransomware.
Install a robust anti-malware program with integrated firewall
The first step in protecting a computer from ransomware is to equip it with a robust anti-malware program with an integrated firewall. This needs to be backed by a reputable brand so that you can be confident that it will be updated regularly.
For completeness, this is in addition to the default cybersecurity programs included with the mainstream operating systems. These are better than nothing, but they are not likely to be sufficient on their own, especially not against the likes of ransomware.
Both individuals and organizations are likely to find that cloud-based products are the best option. This is mainly because all the updates are managed by the vendor, who just deploys them on the server for the client to access when they connect.
This not only saves the hassle of downloading and installing updates (and the potential for mistakes) but also pushes all the storage requirements onto the back-end server rather than the local device. These days, that is a benefit even for regular computers, especially laptops. It’s even more of a benefit for mobile devices.
Microsoft, Apple, and Google are all very proactive about not just updating their operating systems but about informing users that the updates are there to download. At least, they are for the operating systems they continue to support. This is one reason why it is best to stick with operating systems that are still supported by their developers.
It may seem painful to mothball devices just because their operating system has been sunsetted by the developer, but the good news is that these devices can often be recycled for parts so they’re not being wasted.
If you must keep using a device with a non-supported operating system, then the safest option by far is to keep it entirely offline. If you can’t do that, then be extremely careful not just about what data you keep on it, but about staying logged into sites with sensitive data and also leaving storage devices attached to the computer.
For completeness, Linux is also vulnerable to ransomware. Mainstream distros tend to be updated fairly quickly when new threats are discovered, but it is usually down to the end-users to check for this. If you’re running a more niche distro, then you may need to arrange for it to be updated yourself.
On a similar note, any locally-installed applications will also need to be updated for much the same reasons. Cloud-based applications are managed by their vendors, which is one of the many reasons why they’re generally more convenient.
Make sure you practice safe surfing
These days, regardless of whether you’re an individual or an organization, safe surfing generally requires a combination of automated protections and human caution. This last point depends on an understanding of social engineering and how it works.
The key point to understand is that ransomware is generally spread through malicious/compromised websites and email attachments. At an individual level, you can generally use the security/privacy settings in your browser to help protect against these threats.
In particular, you at least want a warning when you might be accessing a malicious website or even insecure content on a safe website. You also want to stop automatic downloads and stop sites from accessing USB ports without your permission.
For completeness, a robust anti-malware product with an integrated firewall will also perform some or even all of these functions. That’s desirable because it means you have two separate systems effectively double-checking each other’s work for maximum security.
Even with these in place, users will still need to exercise some degree of caution themselves as social engineering attacks can take place by phone/VoIP. These can be particularly successful precisely because of the human element. Video-calls can be especially vulnerable to this sort of attack because of the extra visual clues which can be offered.
A robust data backup will cover you when all else fails
No form of cybersecurity can ever guarantee 100% protection 100% of the time. If, however, you have a data backup, then all you have to do is restore from it.
Please click here now to start your free 30-day trial of Xcitium AEP.
Endpoint Detection and Response