Some tips to protect yourself from becoming a ransomware victim
Ransomware has been a nightmare for thousands of individuals and businesses all over the world. It has taken the security world by storm, and many cyber firms are struggling to stay ahead of the ever-evolving ransomware trends. According to Gartner, global cyber security spending is estimated to reach $96 billion in 2018.
Some insight
Some alarming ransomware statistics for 2018.
Cyber Criminals are changing it up
Due to the mass publicity of ransomware, especially after the WannaCry event, users have become much more suspicious of unknown emails and links. This has forced cyber criminals to come up with more advanced methods of attack, such as using social engineering or hacking a company network or even a home network.
Cyber criminals have started to go after more profitable targets, such as large corporations, and especially those that hold data that can be sold on the dark web, such as email addresses, credit card info etc.
Therefore it has become vital for all individuals and businesses to have the proper protection and policies in place to protect themselves from these cyber criminals.
Let's start with the basics
We will cover some of the basic things which should always be in place.
Anti-virus protection
Assuming that you cannot be a victim of ransomware because you use a smartphone is a big mistake. Mobile ransomware has increased by over 250%, and these days we keep just as much personal and business information on our smartphones, if not more, than we do on our computers.
That being said, it is vital to always have an up-to-date anti-virus solution installed on your smartphone(s) and computers. I would recommend a solution which provides additional ransomware protection.
Regular Data Backups
Besides the benefit of having a backup in the event your device gets stolen or crashes, having regular data backups can be essential to protecting your data. In the unfortunate event that you do get infected by ransomware, all your important documents and files have been backed up and can be recovered without having to pay any of the ransom demanded by cyber criminals.
It is important to note that the data backup I am referring to here is a backup of your data to an external device or cloud hosting provider, and not to an additional drive or partition on your computer, as the chances are that this additional drive or partition will also be infected and all your backups will be lost.
Downloading Torrents is a bad idea
Torrents, especially illegal torrents, are the perfect delivery mechanism for cyber criminals to infect your computer with ransomware. The ransomware is either disguised as a valid file or embedded in the installation files, and only once it is too late do you realize that you have downloaded a fake file and all your files have now been infected with ransomware.
When you download a file from a website, this should only be done from a trusted source.
Firewalls are a must for any business
Most businesses have internet-facing devices which are always connected, and thus vulnerable to attack from cyber criminals. Simply relying on your router to filter out the traffic is not enough; you need to implement a dedicated hardware firewall at the perimeter of your network.
Installing a firewall in front of your internet-facing devices is vital to network security and should not be overlooked by any business. There are many ways of implementing a firewall in your company network, such as setting up a DMZ or having multiple firewalls.
As an additional note, firewall setups can be tricky and need to be configured correctly by a trained professional, as a firewall which is incorrectly configured can be just as vulnerable as a network without a firewall. You can contact us for assistance with setting up a firewall for your network.
Here are some of the more advanced techniques
Cyber criminals regularly come up with new ways to trick users into clicking a link or downloading an infected file.
Spoofed Emails / Phishing Emails
Cyber criminals still often rely on sending out mass emails, or even targeted emails, to users with a spoofed email address. A spoofed email is an email sent from a domain address which is not owned by the user sending the email. So for example an email may be sent from [email protected], and this is what you will frequently see in the from address, but when you look closer, there is an additional piece of information which is frequently overlooked, which indicates that the email is sent on behalf of or via [email protected].
These kinds of emails normally promise some kind of monetary reward or unbelievable special which encourages the user to click on the link or download the attached document. Normally most of these emails get blocked by the ISP or email server, but often some of them do slip through, and it's vital that you always be on the lookout for this indicator that the email is attempting to infect your computer.
If it sounds too good to be true, it normally is! DO NOT click on any of the links or attachments, report this to your IT Team or IT Service Provider and then delete the email immediately.
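The "on behalf of" or "via" indicator described above typically reflects message headers whose domain differs from the From address, and that comparison can be automated. The following is an added example, not part of the original article: it parses constructed sample messages and flags Sender, Return-Path and Reply-To domains that do not match the From domain. All addresses and function names are assumptions for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages; every address uses a reserved example domain.
SAMPLE_SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
From: "Accounts Team" <accounts@bank.example.com>
Sender: promo@mailer.example.net
To: user@example.org
Subject: You have won a reward

Click the link to claim your prize.
"""

SAMPLE_CLEAN = """\
Return-Path: <accounts@mail.bank.example.com>
From: "Accounts Team" <accounts@bank.example.com>
To: user@example.org
Subject: Monthly statement

Your statement is ready.
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def same_org(a, b):
    """Treat a domain and its own subdomains as the same sender."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def spoof_indicators(raw_message):
    """List headers whose domain does not match the visible From domain."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    if not from_dom:
        return ["From header has no usable address"]
    findings = []
    for header in ("Sender", "Return-Path", "Reply-To"):
        dom = domain_of(msg.get(header))
        if dom and not same_org(dom, from_dom):
            findings.append(
                f"{header} domain {dom} differs from From domain {from_dom}")
    return findings
```

A mismatch is a reason to look closer rather than proof of spoofing, since legitimate bulk-mail services also send on behalf of their customers.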
Social Engineering
The weakest point in a cyber defence setup can often be the users within the network, especially if no training has been provided to these staff members to be aware of social engineering.
Cyber criminals are very creative when it comes to social engineering and often do months of research when targeting a high net-worth company or individual. They may pose as a high-profile client or person of authority to try and get you to reveal sensitive information about the company network or security systems that are in place. In some cases, they may even pose as an IT Support team member from your company who needs to install an urgent patch onto your computer to fix some kind of vulnerability.
It is vital that you do not disclose any information or install any application before validating the information the other party is providing. More often than not, if you request the so-called technician to hold on while you check with the IT Manager, they will end the call.
Additionally, if something does not make sense, trust your gut and alert the relevant members of your team. For example, if the "Technician" calls your office phone to get you to install a patch, but you know that your in-house technician is in the office down the hall and normally comes directly to you or sends out an email prior to any of these updates, then something is definitely wrong with the information that is being provided by the caller and you should promptly end the call and report this to your team.
As a final note on social engineering, these are only a few examples of what cyber criminals try, and there are thousands of other tricks that are utilized. If you are in doubt, even if it is a person of authority, always validate the information being provided before taking any action or providing any information.
Passwords
Weak passwords have been a point of concern for many years in the fight against cybercrime. Most users think they would never be a victim, so why bother setting up a complex password and make it harder for themselves to log into their own devices? This unfortunately is a big mistake, as cyber criminals will target any and all potential victims.
With ever-increasing hardware capabilities, such as the powerful GPUs being released, it is becoming much easier for a hacker to crack a weak password. Hackers will frequently use password lists which contain thousands of passwords; these lists contain all the common weak passwords which have been used previously or leaked in a previous data breach. Using a weak password or common word combination allows the hacker to obtain your password in a matter of hours, if not minutes.
Password policies are essential to safeguard your own personal information as well as a company network. I have added some guidelines for creating a strong password to help you protect yourself and secure your network in the fight against ransomware.
- Must be at least 8 characters long
- Must include both upper-case and lower-case letters
- Must include one or more numbers
- Must include one or more special characters such as #@$%
- Change your password every 90 days
- DO NOT include your name or surname in the password
- DO NOT include your pet's, spouse's or children's names in the password
- DO NOT use easily guessable passwords such as letmein or P@ssword
- DO NOT use your phone number as a password
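The guidelines above can be enforced in code rather than left to memory. The following is an added example, not part of the original article: a checker that returns every guideline a candidate password violates. The function name, the small common-password set and all sample names and numbers are constructed for illustration.

```python
import re
from datetime import date

# Constructed stand-in for a real list of common or leaked passwords.
COMMON_PASSWORDS = {"letmein", "p@ssword", "password", "123456", "qwerty"}

def _digits(text):
    """Keep only the digits of a string."""
    return re.sub(r"\D", "", text)

def check_password(password, personal_terms=(), phone_numbers=(),
                   last_changed=None, today=None):
    """Return a list of guideline violations; an empty list means it passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("needs both upper-case and lower-case letters")
    if not re.search(r"[0-9]", password):
        problems.append("needs at least one number")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("needs at least one special character")
    lowered = password.lower()
    if lowered in COMMON_PASSWORDS:
        problems.append("is a commonly used password")
    # Names of the user, spouse, children or pets, matched case-insensitively.
    for term in personal_terms:
        if len(term) >= 3 and term.lower() in lowered:
            problems.append(f"contains the personal name '{term}'")
    # Compare digits only so separators such as spaces or dashes do not matter.
    for number in phone_numbers:
        if _digits(number) and _digits(number) in _digits(password):
            problems.append("contains a phone number")
    # The 90-day rotation rule, checked only when a change date is known.
    if last_changed is not None:
        age = ((today or date.today()) - last_changed).days
        if age > 90:
            problems.append(f"last changed {age} days ago (limit is 90)")
    return problems
```

Note that `P@ssword` satisfies the length, case and special-character rules yet is still rejected, which is why the common-password check matters alongside the composition rules.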
Finally, Two-factor Authentication (TFA) has done a tremendous deal in enhancing password security, as it adds an additional layer of security to your login. TFA requires you to have access to some form of additional device, such as a smartphone, biometric scanner or email, where an additional authentication code is generated which needs to be validated prior to granting access to your device or software.
TFA is strongly recommended and should always be enabled if available.
Our Cyber security team is always standing by to assist you with all your security needs and can help you better protect yourself and your business from cyber criminals.