Ransomware Protection

2017 saw the biggest ever cyber attack in Internet history. Ransomware named WannaCry stormed through the web, with the epicenter of the damage in Europe.

What is Ransomware?

Ransomware is a sophisticated piece of malware that blocks the victim’s access to his/her files, and the only way to regain access to the files is to pay a ransom.

How many types of ransomware are there?

There are two types of ransomware in circulation:
1. Encrypting ransomware, which incorporates advanced encryption algorithms. It’s designed to block system files and demand payment to provide the victim with the key that can decrypt the blocked content.
2. Locker ransomware, which locks the victim out of the operating system, making it impossible to access the desktop and any apps or files. The files are not encrypted in this case, but the attackers still ask for a ransom to unlock the infected computer.

Why does ransomware often go undetected by antivirus?

Ransomware uses several evasion tactics that keep it hidden:
1. It encrypts its communication with Command & Control servers, which makes that communication difficult to detect in network traffic
2. It features built-in traffic anonymisers, like Tor and Bitcoin, to avoid tracking by law enforcement agencies and to receive ransom payments
3. It employs domain shadowing to conceal exploits and hide the communication between the downloader (payload) and the servers controlled by cyber criminals

How can you take your ransomware protection to the next level?

1. Don’t store important data only on a PC
2. Have 2 backups of data: on an external hard drive and in the cloud
3. Keep the operating system and software up to date, including the latest security updates
4. Remove the following plugins from browsers: Adobe Flash, Adobe Reader, Java and Silverlight. Set the browser to ask to activate these plugins when needed
5. Remove outdated plugins and add-ons in browsers. Keep the ones in use on a daily basis and keep them updated to the latest version
6. Never open spam emails or emails from unknown senders
7. Never download attachments from spam emails or suspicious emails
8. Never click links in spam emails or suspicious emails
9. Use a reliable, paid antivirus product that includes an automatic update module and a real-time scanner
10. Finally, understand the importance of having a traffic-filtering solution that can provide proactive anti-ransomware protection

Do you have any questions?
Call 020 3637 6095
Or email support@geekheads.co.uk
