Following the WannaCry outbreak, we were reading about another attack, called Adylkuzz. Both cyberthreats rely on a Windows bug that was patched on March 14, and they only affect PCs that haven’t installed the latest version of Microsoft’s software updates.
In light of this news, I thought it would be timely to talk about some common sense recommendations for dealing with ransomware.
Most important: if at all possible, you don’t want to react to ransomware or try to remove it; you want to prevent it from ever happening. It sounds like stating the obvious, and it is!
How do you prevent it from happening? The good news is that, as with phishing exploits, the vast majority of recommendations are straightforward changes to the software or operating system that you use.
- Keep your browsers, plug-ins, operating system and anti-virus up to date.
- Don’t click on links in emails you are not 100% certain of. Just don’t! Many ransomware attacks use the tried-and-true phishing techniques of spamming you with malicious attachments or URL links.
- Don’t click on ads, even on sites you trust. Another common method is for attackers to compromise legitimate sites by embedding malware in ads. Use ad blockers in your browser if you can.
- Don’t visit suspicious or unreliable web sites.
- Software or system changes:
  - Show hidden file extensions to make it easier to spot suspicious files
  - Don’t allow emails with attachments that have .EXE extensions or double extensions (e.g., .PDF.EXE)
  - Scan ZIP archives sent in email
  - Disable the Remote Desktop Protocol (RDP)
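The attachment rules in the list above (block .EXE and double extensions, look inside ZIP archives) can be enforced where mail is filtered. The following is an added example, not part of the original post; the extension lists, function names and sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath
# Assumed blocklists for this example; adjust them to your own mail policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}

def classify_name(name):
    """Return why a filename should be blocked, or None if it looks fine."""
    # Windows ignores trailing dots and spaces, so drop them before checking.
    cleaned = name.replace("\\", "/").rstrip(". ")
    suffixes = [s.lower() for s in PurePosixPath(cleaned).suffixes]
    if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
        return None
    if len(suffixes) > 1 and suffixes[-2] in DECOY_EXTS:
        return "double extension"
    return "executable extension"

def scan_message(raw_bytes):
    """Return (name, reason) for each blocked attachment or ZIP member."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if (reason := classify_name(name)):
            findings.append((name, reason))
        members = []
        if name.lower().endswith(".zip"):
            try:
                with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                    members = zf.namelist()  # names only, nothing is extracted
            except zipfile.BadZipFile:
                findings.append((name, "unreadable zip"))
        findings += [(f"{name}:{m}", r) for m in members if (r := classify_name(m))]
    return findings

def build_sample():
    """Constructed sample message: a PDF, a double-extension file and a ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "hello")
        zf.writestr("docs/Invoice.PDF.EXE", "placeholder bytes")
    msg = EmailMessage()
    msg.set_content("see attached")
    msg.add_attachment(b"%PDF-1.4", maintype="application", subtype="pdf", filename="report.pdf")
    msg.add_attachment(b"placeholder", maintype="application", subtype="octet-stream", filename="scan.pdf.exe")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="files.zip")
    return msg.as_bytes()
```

Calling `scan_message(build_sample())` flags the double-extension attachment and the matching member inside the ZIP, while the plain PDF passes.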
Having said all that, just in case you don’t prevent it from happening, the single most important task is to back up all of your important data regularly to an offline source. Offline can be as simple as a USB drive that you only plug into your system during the backup process and then unplug immediately after it is done. (Note: when you do plug this USB drive into your system to do the backup, the very first thing you should always do is scan it for viruses.) By doing regular backups, if you are hit with ransomware, you have a safe copy of all of your data.