On Friday, the ransomware attack WannaCry swept the globe, wiping out many critical systems and bringing services such as the NHS to a standstill. Many security experts were left puzzled, simply because these attacks are incredibly easy to avoid once a few precautions are in place.
What is a ransomware attack?
As the name suggests, ransomware attacks involve holding the users files at ransom. Once this type of attack gains access to your system, it will encrypt your files and extort money from you to regain access to them.
Here are five steps to help prevent ransomware attacks:
1. Keep software up-to-date
It is important to keep all software on your computer up-to-date to protect against potential breaches of security. Although it may not seem that applications such as Adobe Flash or Java are essential to the security of your computer, both of these applications have had a history of known exploits used to facilitate the installation of viruses and malware.
2. Install/update security software
There are hundreds of free antivirus solutions available to help prevent against common attacks. Popular options such as Avast or Avira are completely free and even employ a scanner that automatically checks incoming files to prevent against infection in the event that files are accidentally downloaded. Windows 10 employs an antivirus (Windows Defender) by default that is widely considered to be as effective as any third party solution.
3. Keep your operating system up-to-date
If you are still using Windows Vista or older, you should update to a newer version of Windows. Microsoft no longer provides updates for these operating systems and as such they are vulnerable to any new attacks. If you are on a supported operating system, ensure that automatic updates are enabled and scheduled to download on a regular basis.
4. Make regular backups
If your files are regularly backed up and stored safely, even in the event that your computer is infected, you can circumvent the attack by backing up files and avoiding the risk of losing them. We recommend backing up to either cloud storage (available free via Dropbox or Google Drive) or by the use of an additional physical storage medium (flash drive, external hard drive, discs). In the event that you choose to use physical storage, always ensure that the device is disconnected from your computer and the Internet whilst not in use to avoid infecting that device.
5. Be suspicious of emails, websites and downloads
In order for your system to become infected by ransomware, you must first let the ransomware gain access to your system. It will usually come in the form of something you would download by accident, such as a bank statement or invoice attached to an email, or even disguised as an image, video or software. Be suspicious of email attachments (specifically from emails you are not expecting), avoid downloading software from questionable websites and be careful when clicking links, whether they be within emails, on web pages or within software.
If you have already been infected then we advise the following:
Although it’s tempting to want to regain access to your files, and the cost may seem relatively low to restore your holiday photos or music collection, it’s important to avoid the temptation to pay the ransom. The organisations that run these attacks fund criminal activity and paying the ransom encourages further attacks to take place. It’s also worth considering that they may not even restore access to your files – all they want is your money.
2. Disconnect any network cables
Like any other form of computer virus, ransomware propagates through networks and will spread automatically until stopped. Disconnecting your computer from the Internet and any local network will eliminate the path by which it would usually spread, and avoid risking other devices that it is connected to.
3. Consult a cyber security expert
Our cyber security experts at Zentek Forensics have the ability to respond to ransomware incidents to help restore your systems and data. We can also provide further advice and support on how to protect your systems and prepare for future incidents. Please feel free to contact us via telephone on 0844 412 8625 or via our Contact Us page.