What you need to know about recent ransomware attacks
Do an internet search on “ransomware recent attacks” and then head past the adverts to the news tab. You are just about guaranteed to find a string of articles listing companies who have been hit. In fact, you’ll probably find at least one article involving a major global name (like Honda). If you take the time to go through the history of the articles, you’ll find that ransomware attacks have been increasing in sophistication and aggressiveness. This means that it is increasingly important to understand how to protect yourself from ransomware attacks.
A brief history of ransomware
Technically, ransomware dates back to 1989, but it took until 2005 for it to start to become a real headache. Arguably the first major attack was the Reveton attack of 2012. Since then, however, there has been a steady stream of attacks occasionally punctuated by major waves of ransomware. Even today, the single most famous ransomware attack is probably the WannaCry attack of 2017. This should really have served as a huge wake-up call to everyone involved with data protection, but clearly, some companies have yet to get the message.
There are three main kinds of ransomware in use today. These are scareware, lockware, and encryption ransomware. Scareware uses frightening messages to try to convince victims that they have a problem. Lockware causes computers to freeze and tries to convince victims that they need to pay to have the lock removed. Encryption ransomware encrypts data and tries to force victims to pay for the decryption key.
Some people class mobile ransomware as a separate category, but this is questionable since, at present, it seems to follow the same lines as scareware and lockware. It just targets mobile operating systems, particularly Android. There is also a type of malware called leakware, which threatens to expose data from a user’s computer unless they make a payment. Arguably this also counts as ransomware, although at present, it’s still very rare.
In most cases, getting rid of the ransomware itself is very straightforward. You just install a reputable anti-malware program and have it scan your computer or mobile device. Getting rid of lockware can be a little more complicated. You will probably need to boot into safe mode and then try to install a reputable anti-malware program. If this doesn’t work, then on a computer you’ll need to restore to a previous time point and on a mobile device do a hard factory reset.
Protecting your data from ransomware
One of the harsh truths about ransomware is that no matter how hard you try, you are never completely guaranteed to keep it out of your system. If, however, you accept this reality, then you can prepare for it.
First of all, you need to make sure that all sensitive data is kept encrypted. Ideally, you should encrypt anything you do not want an authorized third-party to read. As an absolute minimum, you need to ensure that all personally identifiable data is kept encrypted. This includes any personally identifiable data you collect from your own employees. Taking this step will help to keep you on the right side of the law if your systems are compromised.
Secondly, you need to make sure that you have two data backup locations, one local and one off-site. It’s fine if the off-site location is in the cloud, even the public cloud, but it needs to be physically and logically separate from your main system. Ideally, it should contain backups from different time points in case there is a delay in identifying the encryption and it seeps into your backup system.
Preventing ransomware attacks
Any time malware successfully penetrates your defenses, you are going to suffer some level of inconvenience, really the only question is how much. It, therefore, makes sense to do as much as you can to keep out ransomware.
Your first line of defense is a robust anti-malware solution. For most companies and individuals, the best option is a cloud-based product that combines a malware scanner and a firewall. These days, you’ll often get extra functions such as sandboxes and ad-blockers, but those are the two must-haves.
The reason you want a cloud-based product is that security products need to be updated very frequently. With cloud-based products, the vendor deals with the entire update process. There is no need to download and install anything locally. This is both more convenient and quicker. As a bonus, this approach also reduces the load on the local device.
Using an all-in-one solution is also more cost-effective and more convenient as compared to stand-alone products and these days the performance is just as good.
Please click here now to start your free 30-day trial of Comodo AEP.