GeekPolice Tech TutorialsLog in

 

Share

descriptionImportantProtecting Your Devices Against Ransomware

more_horiz
Protecting Your Devices Against Ransomware
Introduction

Whether you are using a computer, mobile device, or other device–or you're a home or business user of such devices... What you need to know to protect your devices against ransomware is enclosed below. However, first, we shall explore ransomware briefly.

What is Ransomware?

Ransomware is a piece of malicious code (malware) that is intended to lock down your files or operating system, which demands a ransom to be paid to unlock your OS/files. You pay the ransomer and they give you the unlock code. Since this has evolved so much over the past few years, now becoming an epidemic to the masses, ransomers are now making thousands to hundreds of thousands of dollars (much monies) from doing it. So what do we do?

What to do about it?

STEP 1: Backup your files often and ensure they are password protected. Using cloud backup solutions are usually the most vital to do, such as Box, Dropbox, Google Drive, Microsoft OneDrive, etc. If you decide to backup your files to an external hard drive or solid-state drive, ensure to disconnect it from the PC when not in use. Although this is annoying to do, it will protect the drive from ransomware in the future (as ransomware will typically encrypt all hard drives with its malicious code). You don't know if your computer will be ransomed, and you don't know if all of your files will be recoverable either. Having a good backup is vital!

STEP 2: Install a software security solution that has ransomware discovery and protection on it. One example would be Bitdefender Total Security for the PC, which has ransomware protection built in. There are quite a few others (please post below if you would like us to help you find a solution). Some antivirus programs have ransomware protection built in.

STEP 3: Install Operating System Updates, especially the critical security updates. It is highly important to realize that ransomware carries exploit kits to subjugate a vulnerability by spoofing code variants, to which having OS updates installed would be able to block the ability to take advantage of a vulnerability. Microsoft for example puts out updates for the OS on the second Tuesday of each month, Patch Tuesday, and also releases other mini updates as needed through the month. The quicker the updates are done from Patch Tuesday, the better protected you are in the long run. Nonetheless, ensure you are always running the latest version of the operating system to ensure maximum support when possible.

STEP 4: Install other program/app updates. It is so common to see many mobile device users avoiding to install app updates, especially for those with critical vulnerabilities. PC users tend to do the same; however, it's important to keep all of your software updated on every device. It can be a lot of work, but sometimes certain devices will have auto-update available, so leave your wi-fi on and let it do its work when needed - or turn on wi-fi once a day and allow it to sit and update until done. There are many software update checkers on the PC, for example FileHippo Update Checker, Flexera Personal Software Inspector, and even many antivirus/anti-malware programs.

STEP 5: Keep spam filters on for email clients, or ensure your webmail is properly filtering spam. Much of the attachments that come in email anymore, especially targeted emails, can have very nasty infections embedded. Don't open attachments from people you don't know. If an attachment seems odd coming from a person you do know, email them first to ask if they meant to send that or not (their account could be hacked).

STEP 6: Make sure to show file extensions on the PC/Mac. Malware authors will trick the user through this, by naming a file something deceptive while having it as an executable type of file to launch malware. (PC - Mac)

STEP 7: Refuse to download files from sites you do not trust. Also, be wary of potential adware, as it may bundle in ransomware and cause issues. Ensure to read the terms and conditions of the software you are attempting to download and always scan the file with VirusTotal.com or other file scanning website before launching the installer. This will help to discover threats before they can affect you.

STEP 8: Setup very strong passwords. Do not use weak passwords for anything. Always use strong passwords!

STEP 9: Rename or disable vssadmin, disable Windows Script Host, disable Windows PowerShell, disable Remote Desktop, and setup Software Restriction Policies as needed for certain programs/apps.

Conclusion

We appreciate feedback on this tutorial. Please let us know if you need help with any of this by commenting below. We would love to chat with you about this and help to harden your computer against ransomware (hopefully for good!). Thanks for reading!

Extra information on protection just below: http://www.geekpolice.net/t30442-protecting-your-devices-against-ransomware#215126


Last edited by Dr Jay on 16th March 2017, 7:07 pm; edited 8 times in total

descriptionImportantRe: Protecting Your Devices Against Ransomware

more_horiz
Fantastic tutorial thank you Jay!

descriptionImportantRe: Protecting Your Devices Against Ransomware

more_horiz
Great info, thanks.

What's the latest tool or tools that can help protect against ransomware? It seems way too scary for its own good. No Clue!

descriptionImportantRe: Protecting Your Devices Against Ransomware

more_horiz
Information
Good question... There's no foolproof way to protect against ransomware, but a few anti-ransomware tools may serve a good purpose. Some protection is better than none.

For starters, anti-exploit tools may help even further supplement, and of course having a good antivirus, third-party firewall, and anti-malware are very good in protection.

In addition, these tools may prove very useful:

-Backup software such as Box, Dropbox, Google Drive, OneDrive, iDrive, and many more cloud storage solutions would be a good start, along with the normal backups you make, but make sure you encrypt your backups on your PC with a password, especially on the external HDD. Encrypting the entire drive would be very useful in protecting against other programs encrypting your personal files. If you encrypt files and you know the password (make it a good password), then you will save much time (and money)!
-Full tools/programs (in no specific order): Malwarebytes' Anti-Ransomware Beta, Bitdefender Anti-Ransomware Tool, Sophos Intercept-X, Kaspersky Anti-Ransomware Tool, Trend Micro Anti-Ransomware, HitmanPro.Alert, Enhanced Mitigation Experience Toolkit by Microsoft (EMET), etc.
-A few internet security solutions claim to have ransomware protection built in, including Kaspersky Internet Security or higher products, Bitdefender Internet Security or higher products, eScan Security Suite, Trend Micro Security Suite, Emsisoft Anti-Malware, G-Data Internet Security, etc.
-There are many labs that research and provide solutions to help mitigate or deal with ransomware infections, such as Barracuda, Endgame, FireEye, KnowBe4, Varonis, CyberArk, Sectricity, MalwareHunterTeam, IDTool, ZeroDay Initiative, etc.


Hope this helps. Smile...
Permissions in this forum:
You cannot reply to topics in this forum