March 12, 2017 — Alexander Ivanyuk

How to Avoid Ransomware: 10 Simple Tips

While companies might invest heavily in the latest firewalls and cybersecurity solutions to protect their IT infrastructure, a careless click from an unwitting employee can bring the entire system to its knees. In fact, cybercriminals count on human error, using sophisticated social engineering techniques to trick employees and bypass the defenses companies deploy in order to infect systems with crippling ransomware.

Through regular employee testing on threats like phishing and social engineering and professionally-led security awareness training, you can reduce the chances an employee will introduce an infection, but they are only human. Thankfully, there are 10 simple steps you can take to protect your system from the worst cyber threats.

1. Perform regular backups

Regular full image backups are the ultimate way to mitigate the threat of ransomware attacks. Critical files should be backed up even more frequently, preferably to secure cloud storage. However, you need to check with your vendor to make sure that your cloud backup is protected against ransomware.

2. Have an anti-malware solution in place

Anti-malware software provides a valuable defense against malware infections, but choose your software carefully. Remember: many free anti-virus programs don’t offer any protection against ransomware.

3. Face modern threats with modern protection

Today malware is designed to infiltrate your computer system defenses more successfully than ever before. Modern threats like ransomware even make a point of targeting your backups to increase the odds that you’ll choose to pay up for your data. To stay ahead of these threats, modern backup software has built-in, real-time ransomware protection. The leading technology in this field uses machine learning and artificial intelligence to detect and stop ransomware even when your anti-malware program isn’t able to.

4. Keep up with software updates

Don’t ignore software update messages. They introduce new features and patch security holes that could be exploited by cybercriminals. Once patched, those vulnerabilities can’t be exploited. Upgrading to the latest software version is also a good practice, since outdated software may not be supported by your vendor, leaving your applications and operating systems open to attacks.

5. Make file extensions visible

Your operating system may hide file extensions by default to keep things simple, but we highly recommend you make them visible. With file extensions shown, you can review the types of files sent to you and keep an eye out for unusual extensions that you don’t usually receive.

6. Limit user privileges

If a computer user has Administrator privileges, they can unintentionally introduce major problems to your network. Do not switch off UAC (User Account Control) in Windows either: an extra layer of security never hurts.

7. Prevent “AppData” and “LocalAppData” folder launches

Many ransomware programs (e.g., Cryptolocker) copy files to these folders and run undetected, in an attempt to look like a normal Windows process. You can create specific rules within your Windows installation to prevent files from being executed from these folders.
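Some legitimate per-user applications also install into these folders, so it helps to know what already lives there before a block rule (for example a Software Restriction Policy or AppLocker rule) is enforced. The PowerShell below is an added example, not part of the original article: a read-only inventory of executable files under AppData and LocalAppData with their signature status. The function name and the extension list are assumptions made for this illustration.

```powershell
# Added example: read-only inventory of executables under AppData / LocalAppData.
# The extension list is an assumption; extend it to match your own block rule.
$Extensions = '.exe', '.scr', '.com', '.bat', '.cmd', '.vbs', '.js', '.ps1'

function Get-AppDataExecutable {
    param(
        [string[]]$Root = @($env:APPDATA, $env:LOCALAPPDATA),
        [string[]]$Extension = $Extensions
    )
    # Skip roots that are empty or missing (e.g. when run under a service account).
    $existing = @($Root | Where-Object { $_ -and (Test-Path -LiteralPath $_) })
    if ($existing.Count -eq 0) { return }

    Get-ChildItem -LiteralPath $existing -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $Extension -contains $_.Extension.ToLower() } |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Path      = $_.FullName
                LastWrite = $_.LastWriteTime
                Signature = $(if ($sig) { $sig.Status } else { 'Unknown' })
                Signer    = $(if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' })
            }
        }
}

$found = @(Get-AppDataExecutable)
$notValid = @($found | Where-Object { $_.Signature -ne 'Valid' })

# Files without a valid signature sort first: review these before enforcing any rule.
$found | Sort-Object @{ Expression = { $_.Signature -eq 'Valid' } }, Path |
    Format-Table Signature, LastWrite, Path -AutoSize

'{0} executable file(s) found; {1} without a valid signature' -f $found.Count, $notValid.Count
```

Signed entries that belong to software you rely on are the ones a blanket deny rule would break, so they need an explicit exception or a different install location.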

8. Disable remote desktop connection

Ransomware often accesses target machines using Remote Desktop Protocol (RDP), a Windows utility that allows others to access desktops remotely. If that kind of access isn’t needed in your workplace, eliminate that access point by disabling RDP.

Finally, make sure everyone in your organization internalizes these last two rules.

9. Be careful with email attachments

When receiving something from a person you don’t know, or something you don’t expect — don’t open it. Check with the sender about its contents and then run it through your anti-virus program. Regardless of the sender, stay on the safe side: don’t open suspicious email attachments and don’t click unexpected, unexplained links, especially ones that ask you to download software.

10. Don’t enable macros in MS Office attachments

When receiving a Word document or Excel spreadsheet by email, if it asks you to “Enable Macros” — don’t do it. A lot of harmful malware is spread this way (e.g., Osiris Ransomware). If the file is infected and you turn the macros on, hackers have permission to install ransomware and start encrypting your data. To help eliminate this risk, Microsoft Office now includes an option to “Block macros from running in Office files from the internet”. Make sure it’s enabled on all of your computers.
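Several of the tips above correspond to Windows settings that can be checked from a script. The PowerShell below is an added example, not part of the original article: a read-only audit of the settings behind tips 5, 6, 8 and 10 on the current machine and user. It assumes Office 2016 or later (policy key "16.0") and checks only the Group Policy location of the macro setting; the function names are made up for this illustration.

```powershell
# Added example: read-only audit of the settings behind tips 5, 6, 8 and 10.
# Assumption: Office 2016 or later (policy key "16.0"); change it for older releases.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

$checks = @(
    @{ Tip = 5; Setting = 'File extensions visible'; Want = 0; Name = 'HideFileExt'
       Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' },
    @{ Tip = 6; Setting = 'UAC enabled'; Want = 1; Name = 'EnableLUA'
       Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' },
    @{ Tip = 8; Setting = 'Remote Desktop disabled'; Want = 1; Name = 'fDenyTSConnections'
       Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' }
)
foreach ($app in 'Word', 'Excel', 'PowerPoint') {
    $checks += @{ Tip = 10; Setting = "Internet macros blocked ($app)"; Want = 1
                  Name = 'blockcontentexecutionfrominternet'
                  Path = "HKCU:\Software\Policies\Microsoft\Office\16.0\$app\Security" }
}

function Test-RansomwareHardening {
    foreach ($c in $checks) {
        $actual = Get-RegValue -Path $c.Path -Name $c.Name
        [pscustomobject]@{
            Tip       = $c.Tip
            Setting   = $c.Setting
            Actual    = $(if ($null -eq $actual) { 'not set' } else { $actual })
            # A missing value counts as not compliant in this script.
            Compliant = ($actual -eq $c.Want)
        }
    }
}

$report = @(Test-RansomwareHardening)
$report | Format-Table -AutoSize

# Tip 6: list who holds local Administrator rights (well-known SID S-1-5-32-544).
Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction SilentlyContinue |
    Select-Object Name, ObjectClass, PrincipalSource
```

The HKCU checks describe only the user running the script, so run it in each user's session or adapt it to your management tooling for a fleet-wide view.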

Here we have listed a few measures you can take to protect your computer from ransomware. How many of these do you already apply? What stops you from following all the above steps? Remember: many victims of ransomware attacks thought it would never happen to them, ending up unprepared to withstand the attack and paying thousands of dollars in ransom. Don’t become part of this statistic. With a few simple tricks and robust ransomware protection software from Acronis you can protect your valuable data in the most efficient and cost-effective way.

