قالب وردپرس درنا توس
Home / Tips and Tricks / Do you want to survive ransomware? How to protect your PC

Do you want to survive ransomware? How to protect your PC



  A woman looking angry as she sits next to a computer screen of ransomware.
PR Image Factory / Shutterstock

Ransomware is all bad about humanity being turned into malware ̵

1; malice, greed, and occasional incompetence. It encrypts your files and demands the payment of a key that may not work. With the right backup strategy, your files can survive an infection.

We recommend doing so today and avoiding the debate over whether you should pay the ransom.

What You Need to Know About Ransomware

Ransomware is a type of malware that protects you from accessing your computer unless you pay a ransom. It usually encrypts your files to exclude them, and the ransom is usually in crypto currency. Ransomware is usually aimed at businesses, businesses and government agencies, but individuals can and will be drawn into the fight.

The software is becoming more and more sophisticated and new variants are constantly being added. While most criminals treat an attack as a transaction, some ransomware writers seem to enjoy fooling with victims. Last year, we learned of ZENIS, a ransomware that intentionally deletes backups. And more recently, GermanWiper, which does not encrypt your files at all – it simply deletes them and still demands a ransom. Unfortunate victims who pay for it have nothing to decrypt because their files have disappeared from the beginning.

 A ransomware alert screen.

And there are more attack vectors than ever before.

"Ransomware is now Transmission is happening through a variety of mechanisms that make it increasingly difficult for end users to stay protected," said Victor Congionti, chief information officer for cybersecurity firm Proven Data. "Ransomware has traditionally been spread across e-mail campaigns where gullible users need to download malicious links, but also said that ransomware is increasingly being distributed in a non-traditional way."

Criminals disguise this in apps and unverified software. Or they may transmit them through spear phishing attacks targeting people in an organization who are more likely to click on suspicious links.

There is a jungle out there!

How To Protect Your Backups From Ransomware [19659006] If your system is infected with ransomware, you can either pay the ransom and hope that you get your files back, or you will not pay and try to reconstruct your PC with backups , The first option is problematic for moral, ethical, financial and logistical reasons. So you can take immediate steps to make sure you can recover from a ransomware attack painlessly.

Start with these three principles for backups:

  • Suppose Ransomware encrypts or deletes everything you can access from your PC. . If you are backing up to an internal or external hard drive that is constantly connected to your PC or the cloud, you should consider these files as already dead. They are only of value for a more old-fashioned and more conventional disaster like a hard drive failure. There is nothing wrong with this type of backup for traditional threats, but it should not be your only line of defense to protect your data.
  • Disconnect the backup from the network . A sound weapon against ransomware is the use of a backup medium that you can air. This means that it is completely disconnected from your computer and the internet. For example, if you are backing up to an external hard drive, attach it only during the scheduled backup, and then immediately disconnect it. "It's critical that the local storage drive stay disconnected from the network," said Congionti. "This prevents the backups from being encrypted when the ransomware program file is loaded into the network and the storage device is offline outside of the encryption process. If the drive is attached, the ransomware can now access these backups, making them unusable because they were encrypted along with other files. "Yes, this is impractical and requires discipline to manually attach a drive and trigger a backup. A particularly secure strategy.
  • Put on versioning . Even if you disconnect your external drive, there is no guarantee that it will be protected. This is because your system may already be infected with malware while performing a backup. "Versioning is an important strategy to ensure recovery from a ransomware attack," said Dror Liwer, founder of security firm Coronet. Use a backup utility that saves multiple versions of your files with timestamps. Then, when you restore your computer, you should have the option of going far enough back that your backup was created before the infection.

Implementing a Practical Backup Strategy

Obviously, common backup solutions are simply not robust enough to protect you from a ransomware attack. Cloud Storage is not the same as Cloud Backup and so everything that synchronizes or mirrors your data is toast. For example, if you want to reclaim files, you can not rely on the free versions of Dropbox, OneDrive, or Google Drive.

However, if you pay for storage, the story may look a little different. Dropbox includes the Dropbox Rewind feature in paid levels. With Dropbox Plus (2TB of storage), you have a 30-day history of your files that you can access anytime. Dropbox Professional (3 TB) has a 180-day version history.

OneDrive has its own ransomware protection. When OneDrive detects potential ransomware activity, it notifies you and asks if you've made the most recent changes to your files. Otherwise, Microsoft will help you clean up your hard disk and restore the damaged files.

Since Google Drive and iCloud do not have such built-in protection, you should not rely on them if ransomware is such a serious problem.

In addition, most online backup solutions use versioning. With services such as Acronis, Carbonite, and iDrive (among others), you can roll back to a snapshot of your hard disk that was created before the infection.

"Carbonite successfully cleared more than 12,600 customers of a ransomware attack after turning to our after-sales service," said Norman Guadagno, Senior Vice President of Marketing for Carbonite.

 The Acronis backup menu.

Some online services even include anti-ransomware tools. For example, Acronis has a tool called Active Protection that looks for malicious behavior.

"When Active Protection detects something fishy," said James Slaby, director of cyber-protection at Acronis, "as a process that renames and then encrypts." A number of files abort the process immediately.

Just as the Apollo spacecraft had two independent control computers, we recommend that you have at least two options for securing your data. You can combine a simple, easy-to-access, synchronization-based solution with a solution that's robust enough to recover from a ransomware attack.

For example, you can use a traditional cloud backup solution, such as Dropbox or OneDrive, to make sure your files are always available when you log in from another PC or have a catastrophic computer outage. If you have a subscription and can use integrated ransomware protection, this is even better!

Simultaneously implement a secure versioning backup solution. You can use a local backup app that writes to an external drive or an online backup service that stores your files in the cloud. Yes, it is more difficult to access your files when using these types of backups. However, you can survive a ransomware attack that is not possible with daily file synchronization As one of the most worrisome types, ransomware is just another type of malware that you know and should be prepared for.

Follow these general rules to minimize the risk of ransomware once you have set up a secure, multi-layered backup solution: [19659016] Use a strong antivirus product with ransomware protection. Of course, no antivirus app is perfect, but any security strategy that does not include it is fundamentally flawed.

  • Do not click anything you do not trust. You know the exercise. Do not click on external links on websites, in emails or text messages or on carrier pigeons. Do not use pirate copies or visit illegal websites. Stay on your mobile in authorized stores like the Google Play Store and the Apple App Store.
  • Keep your computer up to date with the latest system updates In the misfortune of being infected with ransomware, not all hope is lost. There are two free tools that allow you to decrypt your files without paying a penny ransom:

    • No more ransom money: This is a joint venture between McAfee and a handful of European law enforcement agencies now boasts about 100 corporate and government partners. If your system is infected, you can go to the No More Ransom website and upload some encrypted sample files from your computer. If it has cracked this ransomware family, you can unlock your PC for free.
    • ID Ransomware: Similar to No More Ransom, security firm Emsisoft created this project. You can also request that the ID notify you when a non-decryptable attack becomes decryptable in the future.

    RELATED: Should you pay if you are hit by ransomware?


  • Source link