Ransomware is a type of malicious software used by cybercriminals to encrypt your computer or computer files for ransom, demanding payment from you to restore them back.
Ransomware is becoming an increasingly popular way for cybercriminals to extort money from large organizations and consumers (individual users) alike. Ransomware can get onto a person’s computer by various means, but those methods either boil down to social engineering tactics or using software vulnerabilities to infiltrate the victim’s computer silently in the background.>
How To Prevent It (Ransomware Protection)
Ransomware can be very scary – the encrypted files can get damaged beyond repair. But if you have prepared your computer systems in advance, ransomware is nothing more than a nuisance. Here are a few tips that will help prevent ransomware:
Back Up Your Data
Regularly updated backups are the best defense against ransomware attacks. If you have a backup of your data, you don't have to worry even if you are attacked by ransomware. Remember that some ransomware variants will also encrypt files on mapped network drives. So, it is necessary to have a regular backup plan.
You can use an external storage drive or backup service, one that is not assigned a drive letter or is offline when not in use.
Show Hidden File-Extensions and Filter .EXE Files in Emails
Most ransomware variants spread through emails. Ransomware usually arrives in an email attachment that is named with the extension “.PDF.EXE”, relying on Window’s default behavior of hiding known file-extensions. Enabling the ability to see the full file-extensions make it easier for you to spot suspicious/ malicious files.
Apart from that, you can also set filters on your email client so that emails sent with “.EXE” files will get blocked from entering your inbox.
Disable RDP (Remote Desktop Protocol)
Ransomware variants such as the Cryptolocker/Filecoder infiltrate a victim's computer target through the Remote Desktop Protocol (RDP). RDP is a Windows utility that allows anyone to access your desktop remotely.
Disabling Remote Desktop Protocol (RDP) can help protect your computer from Cryptolocker/Filecoder ransomware and other RDP exploits.
Patch Or Update Your Software
Ransomware usually targets users who are running outdated software with known vulnerabilities. If you are a Windows users, make sure to accept regular automatic security updates as soon as they become available from Microsoft. If you are using Microsoft Office Applications, make sure of installing security patches for them.
Similarly, keep your antivirus or anti-malware software up-to-date with the latest virus signatures. Most OEMs and security vendors release software patches and updates to catch and stop malware including ransomware before it infects your computer and files. Be sure you are running the most recent versions of Windows OS and security software.
Enable Popup Blockers
Popups can be annoying and malicious at times which redirect you to malicious and fake websites. Enable popup blockers on your web browser to prevent unwanted or misleading advertisements, popups, and other browser malware that leads to ransomware infection.
Real-time Traffic Monitoring
In the case of organizations, there’s a lot of focus on filtering inbound connections, but there should also be filtering in outbound connections as well. Since the ransomware relies on the instruction given by a remote hacker, blocking the initial outbound attempts to connect to the attacker’s server can stop the ransomware at the initial stages itself.
If you are an enterprise user, it is advisable to use Comodo Advanced Endpoint Protection (AEP). Comodo (AEP) provides complete end-to-end protection across the boundary, internal network, and across endpoints preventing even the most advanced malware, including the ransomware.
Comodo Advanced Endpoint Protection Includes:
- Endpoint Containment Firewall Web Filtering
- Antivirus Host Intrusion Prevention (HIPS)
- Behavioral Analysis (VirusScope) Valkyrie Cloud-based Static and Dynamic analysis
- Specialized Threat Analysis and Protection (STAP)