How to protect your computer from ransomware
If you have a computer, you absolutely must protect it against ransomware. This is one of the nastiest forms of malware in existence. Fortunately, all it takes is some affordable software tools, common sense, and a bit of planning to stay safe from it. With that in mind, here is a quick guide to how to protect your computer from ransomware.
Invest in a reputable anti-malware program with integrated firewall
To be clear, all the main operating systems are vulnerable to ransomware. That means Windows, MacOS, Linux, iOS, and Android. Current versions of Windows, MacOS, iOS, and Android all come with native security programs. It is, however, risky to rely solely on these for protection against ransomware. At the end of the day, none of the companies behind these programs are actually specialist cybersecurity companies.
You should supplement these programs with a proper anti-malware product from a known cybersecurity company. The good news is that if you are a private individual wanting a product just for personal use, there is a very decent chance that you can get one for free. Even paid options, which can have more functionality, are often very affordable. Businesses have to expect to pay, but again, you can get some great products at prices SMBs can afford.
At this point, it is generally best to look for cloud-based products. These offer two big advantages over their locally-installed counterparts. Firstly, the vendor takes care of all the updates, thus eliminating one job at the user side (and the potential for human error). Secondly, they shift most of the storage and processing away from the local computers (and mobile devices) and onto the back-end servers. This minimizes the hit to the performance of the local device.
Make sure your operating system and local apps are updated promptly
Microsoft, Apple, and Google all produce regular updates for their current operating systems. They will also generally send notifications when these updates are ready. In principle, users should install these immediately. In practice, it can be reasonable to wait a few days just to confirm that the updates work as expected and do not contain any nasty surprises. A week, however, is really about as long as you should wait. Remember you need to balance the inconvenience of a questionable update with the security risk of not updating.
Popular Linux distros also tend to be updated fairly regularly, but the open-source nature of Linux means that the onus is generally on the users to inform themselves of what updates are available. In fact, you may even need to organize your software to be updated to make sure that you are protected against current threats.
At this point, you should really only connect to the internet from computers and devices which are on an active operating system, i.e. one which is still supported by the vendor. If you absolutely must use a sunsetted operating system, then keep the device offline if at all possible.
If this is not possible, be very careful not just about what data you store on it but about staying logged in to sensitive websites and about keeping storage devices attached to it. Switch the device off completely when out of use.
If you’re still using locally-installed software, then this will need to be updated too. You will generally be prompted about this, but sometimes there is a setting you need to check for this to happen. If you’re using Software as a Service (cloud-based software) this will be managed by the vendor.
For completeness, if you know that managing updates is a weak point in your organization, it really is worth taking the time to address this. Either sort out the necessary internal resource or get a managed IT services provider to deal with it for you. If your finance team needs convincing, then look at the WannaCry attack of May 2017 as a case study in why updates matter.
Be alert to targeted social engineering attacks
Phones/VoIP calls are increasingly becoming a potential security issue as there is currently limited scope for protecting against them. It may be possible to block known spam numbers but the problem is that you have to know them first. Video calls can be particularly vulnerable as attackers can often pick up visual clues from the background. Make sure you stay informed about current trends in social engineering and educate your staff appropriately.
Have an effective data backup process
Your data backup process can’t exactly protect your computer from ransomware but it can protect you from having to choose between paying the ransom and losing your files.
Please click here now to start your free 30-day trial of Xcitium AEP.
Endpoint Detection and Response