One of the most ‘popular’ causes of data loss is ransomware. Here at Dave’s Computers, many of the data recovery requests we see are from virus or malware infections, especially ransomware. It is one of the worst types of attacks on the internet and a cause of a lot of angst for computer users.
They key to surviving any type of virus or malware risk is prevention. They say in medicine, ‘prevention is better than cure’ and the same goes for computers. If you want to avoid losing data or worse, you have to do everything you can to avoid becoming infected by such things.
As Dave’s Computers performs data recovery for both home and business users, I include both in these tips.
What is ransomware?
Ransomware is one of my pet hates. It’s nasty and while it can be less destructive than a virus, its intent is the worst. Imagine this: You’re sitting at your computer, surfing the internet or doing some work and you suddenly a notice appears on the screen saying
‘The files on this computer have been encrypted. You have 96 hours to submit payment to receive the encryption key, otherwise your files will be permanently deleted.’
In some cases, the warning looks like an FBI notice, in other cases it doesn’t pretend to be anything other than it is. An attempt to hold you to ransom by locking down your computer. It will show a Bitcoin or MoneyPak address and a countdown clock to force you into action. A variable dollar amount will also be shown which the hacker wants you to pay to get your computer back.
There are two types of ransomware, locker and encryption. Locker ransomware will lock you out of your computer and only allow access once you get an unlock key after paying the ransom. Encryption malware will use very strong encryption to lock down your hard drive. You only get the decryption key once you pay.
The main issue with ransomware is that even with our advanced data recovery tools, we will be unlikely to recover any of your data if it falls prey to ransomware. All is not lost though as you will find out.
How to avoid ransomware
Ransomware depends on social engineering to work. That means enticing, fooling or forcing you to do something using psychology. This is a powerful attack vector but also its Achilles heel as you will see.
Know the risks and educate staff
The single most effective way to avoid ransomware is to know the risks. Don’t go to websites that look risky. Don’t click on links sent by email even if they don’t look phony. Don’t download anything if you’re not sure of what it is and never, ever open an email attachment unless you are completely sure you know who it is from.
Run regular backups
Even home users can benefit from running regular backups. Data recovery would be so much easier if we had a recent backup to work from. You could even do it yourself. Windows and Apple both have backup utilities built in. There are also some pretty good third party software programs that can automate it for you.
Use email preview
If you use Outlook or other mail program, you have the option to view the email in preview mode. Most web-based email will have this by default. In preview mode, you get to see what an email contains without anything being executed. So if the email is infected, it won’t necessarily infect your computer automatically.
Strip code and attachments from email
Both home users and businesses would benefit from telling their email program or server to automatically remove code and attachments from email. This could avoid a huge number of ransomware risks right away. If the attachment is legitimate, you can always get a copy from webmail. In exchange, your computer will remain much better protected.
Use a quality antivirus and malware scanner
Many good quality antivirus or malware products will include email scanning in their repertoire of skills. Use one. Not only can it help protect you from ransomware but also other threats too. No computer that ever connects to the internet should be without both antivirus and malware scanning. That includes Apple.
Use a quality firewall too
A firewall analyzes traffic in and out of your computer or network for threats. They come either as software firewalls that install on your computer or as hardware firewalls as their own device or built into a router. You must have at least one of these running at all times. I tend to suggest using a software firewall on each connected device and a good quality router with a hardware firewall component built in.
Don’t use the Administrator account
This mainly applies to Windows users. Once you have your computer set up how you like it, create a Guest account and use that for everything except making system changes. It has far fewer privileges than an Administrator account which means if ransomware goes get through your defenses it can do much less damage.
Keep your device updated
Finally, make sure to allow your devices to automatically update themselves. Many Windows and Apple updates include security patches and vulnerability fixes which can help plug holes in your defenses. Both operating systems default to allowing automatic updates so make sure to not change that.
Those are some of the main ways to prevent becoming a victim of ransomware. If you do find yourself infected, Kaspersky, AVG and other security companies offer decryption methods for some but not all ransomware.
If you get stuck or need some help, bring your device to Dave’s Computers in New Jersey. We cannot promise to fix the issue but we have decades of experience with computers and malware and can usually work something out. Otherwise, our data recovery experts may be able to work their magic and save the day as long as it isn’t encryption ransomware causing you trouble. We make no promises except the promise that we will do our best!
Contact us at 908-428-9558 if you ever need our help.