4 Steps To Ransomware Protection
You’ve probably heard of spyware and malware – but have you heard of ransomware?
Like with a lot of malicious software, ransomware is used by cyber criminals to access your computer and important files – the difference is that ransomware then denies you from accessing them again until you pay the criminals.
One threat that has been talked about a lot recently is Cryptolocker, which has been getting emailed to a huge number of users in the US and UK.
This tactic is becoming increasingly popular with hackers, so how can you protect yourself against it?
You should be doing this already as part of an effective data security strategy, but backing-up your files is the single biggest weapon you have against ransomware.
You might still lose the very latest documents to a ransomware attack, but as long as you can restore the system you don’t have to worry about serious damage being done.
Cryptolocker is frequently delivered with the extension .PDF.EXE. The reason is that the authors know that Windows hides known file-extensions by default. By enabling the ability to see the full extension, you can spot these suspicious files more easily.
Some mail scanners have the ability to filter files by extension, and if yours does then you may wish to block any files that have the .EXE extension, or have .EXE as the second of two extensions.
It would be advisable for you to put a policy in place for exchanging .EXE files in your business, for example via password protected .ZIP files or cloud sharing.
Cryptolocker will often run its executable from the App Data or Local App Data folders, so create rules in Windows (or with an Intrusion Prevention program) to prevent this behaviour.
If there are any programs that will need to run from these locations, you can exclude them separately.
These four steps can be effective at reducing the impact of ransomware, particularly Cryptolocker, however your first line of defence should always be your virus protection suite and firewall.
To find out more about how ITC Secure Networking can protect your business from all types of malicious threats, give us a call on 020 7517 3900. Alternatively, complete our online contact form and we’ll get back to you as soon as we can.