How to stop "Ransomware Attacks"

Let's start with the meaning, ransomware or ransom malware is types of cyber threats which restricts users to access their system and files and were asked for ransom payment to retrieve it. In the modern world, cybercriminals look for payment via credit card or cryptocurrency.

How do they enter into your system?

Honestly, there are several ways that ransomware can enter your system and perform mischief activities. Relatively, the most common method used by the evil hackers is "Malspam", i.e. sending the malware via email. The malware might be hidden in the pdf or word form of attachment, or simply in links provided in the email body which redirects you to the malicious website.

If you are thinking that you are wise enough not to download a PDF, think of an email which comes from Income Tax department attaching a PDF on Income Tax Refund. Or an email coming from the HR dept. with a pdf attachment to fill up for your performance appraisal. To download or not to download? With email spoofing becoming so easy, any email can be sent with a malware from the government tax department or your HR dept.

Another method of spreading the ransomware is "Malvertising". In this technique, the evil hackers use online advertising platforms to layout the malware. While surfing the internet, users redirect to the malicious servers and provide their access to these illegal activists. The servers navigate the users' system details and location.

Unfortunately, all companies invest a lot of money into firewall and very less budget they have for protecting the endpoints. And firewall cannot project the network from ransomware. This makes the organizations very vulnerable to ransomware.

How to prevent Ransomware:

1. Have proper backups of your data:

Though this may not be able to protect you from the attack. But it will 100% save you from the impact. It is very important to have a backup of your important data on a separate device (other systems, portable hard drives, cloud storage). This helps to retrieve your data and makes less impact of the malicious attacks. Besides, have a regular check to review that your operating system applications and security tools are updated.

2. Avoid unwanted attachments in the inbox:

Don't download any unwanted attachment from your email inbox even if it comes from a known person. Moreover, verify the URL and links before clicking. There are numerous fake URLs created to take you to malicious websites and store malware in your system.

3. Use trusted sites for downloads:

It is highly recommended to visit trusted sites and download applications in your system or phone from verified app stores. Third-party websites are often found to have several unwanted download buttons or a lot of advertising, which may contain malware. When visiting a new website, check if it is SSL secured.

4. Be private on social media accounts:

With the help of social engineering, the clever evil hackers can have your security questions answered and steal your data. This can even go worse by getting into your net banking facility. Therefore, to prevent these cyberattacks, it is essential to have your social media accounts private or fill with less information.

The best way to stop ransomware is to avoid it at the beginning. Moreover, you should build a strong cybersecurity system.

Tips for Organizations:

• To validate emails, set up SPF (Sender Policy Framework), DMARC (Domain Mail Authentication Reporting and Conformance), DKIM (Domain Keys Identified Mail). This will stop the phishing emails (email spoofing).
• Use the upgraded power shell, stop using WSCRIPT.
• Actively monitor the logging activities of users.
• Regular backup of database and important files.
• Restrict the file types such as exe, bat, hlp, cmd, url, tmp, scr, com, etc.
• Update your employees on cybersecurity to create awareness.
• Make less use of remote desktops. Do not connect to office servers using Anydesk or TeamViewer or as such any RDP. Use VPN.
• Conduct a comprehensive regular cybersecurity audit.
• Do not allow USB access to the laptops and desktops.
• Do not allow guest users to connect directly to the company LAN. Have separate segregated LAN for the guest to connect to.
• Segregate the office LAN in VLANs as per departments in your office. Stop inter-VLAN routing.
• Stop Shared Folders within the LAN.
• Have Manual Backup other than automatic sync backup.
• Keep your system patched to latest patches.
• Do not use old & obsolete version of the operating systems like Windows 7, Windows Server 2008.
• Do not allow your vendors to connect your LAN remotely using any remote access tool like AnyDesk or TeamViewer. 90% of ransomware attack starts from vendors.

Is your company safe from hackers?

Book a demo audit to know the status of your organization's security defense.

We do complete health check of your network infrastructure, software, mobile, cloud, process & people.

For any queries, feel free to email us at [email protected] or give us a call at +91 9830310550.

Stay connected with ISOEH!