wedoweb
December 08, 2017
Ervis Drekaj
Ransomware, and how to protect against it
I had to write this article, outside the web development category, because ransomware is a trend today, and because I got infected myself. And guess what the price of decryption was? 2 BITCOINS!

So what is ransomware, in general? It is a kind of vulnerability that was found by the US in the operating system (Microsoft Windows XP). Using this vulnerability, hackers access your system and block or encrypt all the data on it; in exchange, they want money from you to decrypt your data.

It is a type of malicious software that carries out the cryptoviral extortion attack from cryptovirology that blocks access to data until a ransom is paid and displays a message requesting payment to unlock it.
Simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse. More advanced malware encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.

The ransomware may also encrypt the computer’s Master File Table (MFT) or the entire hard drive. Thus, ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key.

Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file.
The growth of ransomware over the past few years has driven the security industry to create myriads of tools applicable for blocking these types of threats from being executed on computers. Few of them are 100% bulletproof, though.

This article is particularly focused on additional measures that you should employ to ensure a higher level of defense against these plagues.

1. First and foremost, be sure to back up your most important files on a regular basis.


Keep backups of all your important data on USB drives, HDDs, etc.

2. Personalise your anti-spam settings the right way.


Most ransomware variants are known to spread via eye-catching emails that contain contagious attachments. It’s a great idea to configure your webmail server to block dubious attachments with extensions like .exe, .vbs, or .scr.

3. Refrain from opening attachments that look suspicious.


This doesn’t only apply to messages sent by unfamiliar people but also to senders who you believe are your acquaintances. Phishing emails may masquerade as notifications from a delivery service, an e-commerce resource, a law enforcement agency, or a banking institution.

4. Think twice before clicking.


Think twice before clicking on any external link, or on a link that came in a third-party email. Also beware of attachments like taskhost.exe and system.exe, and verify twice before clicking any .exe file that came through the mail.

5. The Show File Extensions feature can thwart ransomware plagues, as well.


Keep the file extension visible on your system, so you can easily identify the file before clicking.
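The attachment rule from item 2 and the hidden-extension problem from item 5 can be checked together on the mail side. The following is an added example, not code from the original article: it uses Python's standard `email` module, and the function names, the decoy-extension list, and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string

# Extensions the article says to block; extend to match local policy.
BLOCKED = {".exe", ".vbs", ".scr"}
# Document-like extensions used as a disguise (assumed list, not from the article).
DECOYS = {".pdf", ".doc", ".docx", ".xls", ".jpg", ".png", ".txt"}

# Constructed sample message, not real mail.
SAMPLE_EMAIL = """\
Subject: Your parcel
Content-Type: multipart/mixed; boundary="B"

--B
Content-Disposition: attachment; filename="receipt.pdf"

placeholder
--B
Content-Disposition: attachment; filename="Invoice.PDF.exe"

placeholder
--B
Content-Disposition: attachment; filename="taskhost.exe"

placeholder
--B--
"""

def classify_filename(name):
    """Return 'allow', 'block' or 'block-disguised' for an attachment name."""
    # Windows ignores trailing dots and spaces, so "a.exe. " still opens as a.exe.
    cleaned = name.strip().rstrip(". ").lower()
    base = cleaned.replace("\\", "/").rsplit("/", 1)[-1]
    exts = ["." + p.strip() for p in base.split(".")[1:]]
    if not exts or exts[-1] not in BLOCKED:
        return "allow"
    # "invoice.pdf.exe" displays as "invoice.pdf" when extensions are hidden.
    if len(exts) >= 2 and exts[-2] in DECOYS:
        return "block-disguised"
    return "block"

def scan_message(raw):
    """List (filename, verdict) for every attachment that should be blocked."""
    findings = []
    for part in message_from_string(raw).walk():
        name = part.get_filename()  # None for parts that are not attachments
        if name and classify_filename(name) != "allow":
            findings.append((name, classify_filename(name)))
    return findings
```

A filter like this only looks at names, so it complements rather than replaces content scanning by the mail gateway or antivirus.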

6. Patch and keep your operating system, antivirus, browsers, Adobe Flash Player, Java, and other software up-to-date.


Keep your system updated with the latest software and the latest operating system as well. If you are still using an earlier Windows version such as XP, 98, 2000, or 2003, there is a much greater chance of getting trapped by ransomware…

7. In the event a suspicious process is spotted on your computer, instantly turn off the Internet connection.


While surfing the internet, or doing anything online, if you notice any suspicious activity or your system is not responding to your instructions, immediately turn off the internet. If you are using WiFi, switch off the adapter; if you are using Ethernet, disconnect the LAN cable from your system.

8. Keep the Windows Firewall turned on and properly configured at all times.


If you are on a Windows system, never turn off the Windows Firewall. If any third-party app asks you to turn off the firewall, don’t do it!! Don’t do it!!

9. Use strong passwords that cannot be brute-forced by remote criminals.


Always use the strongest possible password for every account, whether it is an email account or your system login account. Try to use special characters, numbers, and both lowercase and capital letters in your password. Never use dates or names in your password.

10. Deactivate AutoPlay.


Try to avoid autoplay on drives, or disable the AutoPlay option in Windows.

11. Think of disabling remote services.


Avoid using remote services, because there are many ways for ransomware to spread through them.

12. Switch off unused wireless connections, such as Bluetooth or infrared ports.


If you are not using the internet, keep your internet services turned off, and your devices as well.

Since ransomware is definitely today’s number one cyber peril due to the damage it causes and the prevalence factor, the countermeasures above are a must. Otherwise, your most important files could be completely lost.

--

The key recommendation, though, is the one about backups – offline or in the cloud. In this scenario, the recovery consists of removing the ransom Trojan and transferring data from the backup storage.

Currently, dealing with the consequences of ransomware isn’t very promising from the file decryption perspective. That is why thwarting the virus attack can save you a pretty penny and guarantee peace of mind.