Question

Q&A Monday: Defense Against Ransomware

Question

Question:
There has been a lot in the news about ransomware, what can I do to protect myself?

Melody Carroll
Dayton
, MN

Answer:
There isn’t a day that goes by that you don’t hear about ransomware hitting a company or targeting another industry and that can make people like yourself want to guard themselves against this particular type of attack. Before I begin, let’s just lay down classically, what is ransomware and why it’s dangerous. In short, ransomware is malicious software that “locks up” (encrypts) victims’ files and keeps the person from accessing them without payment. This is usually done in cryptocurrency, which is hard to trace, and then the attacker will give directions on how to gain access back to those files. Some variants of ransomware not only encrypt the files, but they also make a copy of the files on their systems, so they can add the additional threat of releasing the data if you don’t pay.

Practice “Cyber Hygiene”

Luckily keeping yourself safe from ransomware is not much different than from any other type of malware. Now to start out you don’t need to go crazy, just some basic steps you can do can keep your computers safe.

  • Multi-Factor (two-factor) authentication: Now this is a great way to protect yourself with only a little effort. Most websites and/or applications let you use another factor outside of your password to get into your accounts. Now the method will vary by the website but you’ll be able to choose between an email, text, or authenticator code to get into the website. Most banks have been doing this for years and most sites I use let me set this up as an option. So now with my password, I’ll get a code to log me into the site. This keeps people from guessing your password or even having it leaked from another site.
  • Backup Data Offline: Most people rely upon a cloud service like google, Dropbox, iCloud, or OneDrive to back up important stuff or pictures. While this is great, if your computer is compromised, then it may sync those encrypted files to the cloud storage platform. The best way to protect yourself is offline backups. Purchase an external hard drive that you disconnect after you back up your files. This way, if your files are encrypted, you have a backup that is safe but only works if you disconnect after every backup. I use a reminder to remind myself to back up and disconnect.
  • Utilize Guest Network at Home: In companies, they segment their networks (or should), to keep hackers from easily moving from one system to another. If you have the technical expertise you can do this at home, but it’s not for everyone. The simplistic solution I recommend is that if your router supports it, you turn on your “Guest Network” feature and put some things on that segmented network. For example, I’ve recommended people put IoT devices on there, like their cameras, alarms, toasters, assistants, etc. Should any of those devices become compromised, it would make it harder for an attacker to get to your computers, as they’re on a different network.
  • Password Security: This is easier said than done for most people. Make sure that your passwords are unique and complex for each website or application that you use. Attackers if they get a username and password will try that combination on all the popular sites. I recommend that you use a password manager, to keep track of the unique passwords for each site and that you make sure it’s complex. Then there’s making sure that you change the password on a regular basis, to make sure that you keep that secure.
  • Don’t use remote tools: There are a ton of applications out there that let you, control your computer at home or send files to storage at your house. Anytime you let yourself have access to things from outside your home, you let hackers have the same path. While some of this can easily be mitigated using MFA or complex unique passwords, it’s something that you need to consider.
  • Suspicious Emails: At this point, there isn’t a person who knows about Spam Emails, and most of us can point them out easily, yet lesser known is the phishing email. Most workplaces will cover this, but I recommend that if you get an email from a business that you do, do business with and you weren’t expecting it, don’t click any link in that email, and instead go directly to the website itself. Unless you are comfortable with looking at the email address or headers of an email to determine if it’s legitimate…but honestly, I can do that, and most of the time I’ll go to the website directly. These are tactics of either getting your login details or getting malware onto your computer.

Now to be clear, there isn’t a foolproof way of protecting yourself, but the more defenses you put up, the more likely an attacker is to move to the next victim. I was once told, why would a car thief break into a car, when the one next to it is already opened? If someone wants it bad enough, they’ll get you information, but you don’t have to make it easy. I hoped that helped.

——————————————————————————————–
If you have any questions that you want Jim to answer, from business servers to home computers, drop him a line at me@jimguckin.com, and he’ll try to answer your question.  Check back every Monday for a new Question and Answer session, and check back Wednesday and Friday for other technical insights.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.