In order to protect from ransomware,
it is important to use good computing habits and security software.
The most important is to have a
saved and tested backup of your data that can be restored in the case of an infection or any other emergency, such as a virus, malware or ransomware attack.
You should also make sure that your computers are
not running remote desktop services connected directly to the Internet.
Instead, you should
always use a VPN service that the computer stays hidden and is only accessible to trusted users, those who have VPN accounts on your network.
Next defensive barrier is
good security software that uses behavioral detections to find and fight with ransomware. Old softs use signature detections or heuristics which is not enough these days.
The most known is
Malwarebytes Anti-Malware and is free in the basic version which is enough to scan the computer and find the threats.
Malwarebytes Anti-Malware contains behavioral detection that can prevent many ransomware infections from encrypting computer.
Make sure you are following these security habits, which in many cases are the most important steps of all:- BACKUP your valuable data.
- Encrypt your files
- Never open attachments if you do not know who sent them.
- if you know the sender and don't trust fully try to use a sandbox or other device with no valuable data.
- Scan all received attachments with tools like Virustotal.
- Do not connect Remote Desktop Services directly to the Internet, use VPN service like free Hotspot Shield.
- Windows updates should be installed as soon as they come out!
- Update all programs frequently, especially: Java, Flash, Adobe Reader, and all other because older programs contain security vulnerabilities that can be exploited by malware.
- Install good security software that uses behavioral detections or white list technology.
- Use only strong passwords.
- Never reuse this same password on other sites.
- Make sure your SPAM filters are working in the email software (largest distribution methods for ransomware is through SPAM emails).
- Enable the viewing of Extensions (Windows and macOS do not show the extensions of a file and makes it easy for malware distributors to trick users).
- Be careful of what you download from the Internet (Free downloads may also come with a hidden ransomware surprise).
- Rename vssadmin in Windows (ransomware infections will execute the vssadmin.exe command in order to delete all shadow volume copies on a computer).
- Disable Windows Script Host (infections are installed via attachments that are script files coded in JScript or VBS).
- Disable Windows PowerShell (Windows PowerShell is also used to install ransomware or even encrypt files).
- Disable Remote Desktop, otherwise change the port! (If you are using it, then you should change the port to something other then the default port of 3389).
- Setup Software Restriction Policies in Windows (Software Restriction Policies - a method that allows creating various policies that restrict folders an executable can be started from).
- Create Application White List Policy in Windows (Software White List Policy configure Windows programs to execute only what you specify. Prevent unknown programs from running and locks the computer down completely not allowing any unauthorized programs to run).
- Do not use an account with administrator privileges when using Windows for everyday computer usage.
- Never leave your network unsecured and try to make the WIFI password extremely strong.
- If possible try to use one computer only for banking and other important things (no email, no browsing, no downloading programs or open attachments on this machine) for all online activities use a different computer, with no important data.
- BACKUP!!!(The most important thing and guarantee for your data because sometimes after an attack the only way to restore data is to use the BACKUP copy).
ConclusionThough it may feel like there are a lot of steps, most of them require you to just
change your computing habits or perform a task once and not worry about it again.
If you follow these steps, not only will you be protected from ransomware, but also from almost all other malware.
Ochrona przed złośliwym oprogramowaniem i wirusami.https://www.bleepingcomputer.com/news/security/how-to-protect-and-harden-a-computer-against-ransomware