Stop Ransomware Attack
Ransomware is a type of malware used by cybercriminals to hold a victim's computer hostage and deny the user access to it or the data stored in it. The cybercriminal holds the victim's computer or data hostage until the victim pays the ransom.
After the initial infection, the ransomware may spread to other shared network drives and other computers that are connected to the victim's computer. If the victim doesn't pay the ransom, their computer or encrypted data remains unavailable, or the cybercriminal may delete the data.
Despite the alarming nature of the ransomware threat, the way ransomware infiltrates a computer is no different from the methods used by other malware threats.
How Ransomware Spreads
Ransomware spread through the following methods:
- Spam email messages that trick users into downloading a malicious file attachment.
- Exploit kits that silently download the ransomware onto the victim's computer while they browse a seemingly benign website.
Once you are aware of a ransomware infection on your computer, make sure to disconnect the internet connection to your computer. Since the hackers may have access to your personal information or may even be using your computer to attack other computers, it is advisable to take your computer offline as quickly as possible.
Follow these tips to avoid ransomware attacks:
#Back up Your Computer Regularly
Make sure to back up your computer regularly. Back up your important files and documents in cloud storage or on an offline system. This can save your data even if your computer gets infected with ransomware.
#Lockdown Your Network Drives
Make sure to secure your network drives with a password and access control restrictions. Enforce read-only access for files on your network drives. This will prevent ransomware (such as CryptoLocker) from encrypting your files.
#Keep Your System Up-To-Date
Make sure to update your computer with regular patches and security updates as and when they are available. Since ransomware exploits security vulnerabilities in software, it is critical for you to update your computer with regular security patches.
#Real-time Network Traffic Monitoring
In the case of organizations, there’s a lot of focus on filtering inbound connections, but there should also be filtering in outbound connections as well. Since ransomware relies on the instruction given by a remote hacker, blocking the initial outbound attempts to connect to the attacker’s server can stop the ransomware at the initial stages.
For more details about Comodo Advanced Endpoint Protection, contact us at EnterpriseSolutions@comodo.com or +1 888-256-2608.