What Is Ransomware and How to Protect Your Data against It?

What Is Ransomware and How to Protect Your Data against It?

By Mainak Biswas December 02, 2016 - 1,054 views

Most of us already know that clicking on unsolicited links and downloading suspicious files could lead to malware wreaking havoc on our computers. However, in recent times, there has been a more malignant kind of malware.

Ransomware, as it is popularly known, a kind of malware that restricts your access to your files, devices or computers until you make a certain amount of payment. In other words, ransomware hijacks your device or files, and holds it up for a ransom demand . If you do not pay the ransom, you will lose access to your files and devices permanently.

How does a ransomware attack your computer or files?

Ransomware employs methods similar to a Trojan. It deceptively enters your computer in the form of a message, email, or web file that is downloaded intentionally or unintentionally. Once you are fooled into clicking a link, downloading a file or visiting an infected website, the ransomware encrypts files on your computer and displays a message informing files can be accessed only after the ransom is paid.

If you do not pay this ransom amount, the attackers may increase the ransom amount of delete your files altogether. While most attackers demand less than $200, some have been known to demand almost a million dollars.

Ransomware can wreak havoc on your company in multiple ways

  • Ransomware features unbreakable encryption. This means, you cannot hire decryption professionals to decrypt the files that have been encrypted.
  • Ransomware can encrypt all kinds of files on your computer or device. Whether it is personal photos or company-related executable files, everything can be infected and access to these files will be blocked.
  • File names can get mixed up deliberately, so that you won’t know which file is encrypted or not.
  • Traditional antivirus cannot detect ransomware, as these malware feature complex evasion techniques. In other words, you cannot remain complacent thinking you have the best anti-virus system installed.
  • If you have many computers connected to each other on a local network, all of these computers can get infected, making accessing any file next to impossible until you pay up.
  • If files have sensitive information, ransomware attackers can actually use this information against you and get you into further trouble. If confidential business documents are leaked, you will probably end up bearing legal costs as well.

Things you can do to protect your data from Ransomware


  • Be prepared


The first step toward protecting oneself from any adversity is to expect it. Much like most armies in the world remain prepared for a future attack, you will probably have to live in fear of being attacked by ransomware too. Fear isn’t always a bad thing. It helps you to take necessary precautions and to consider a threat as real. This isn’t being paranoid as ransomware is real, and not a bogeyman in the corner. It could happen to anyone and to any company. The only way to trick ransomware is to expect it to attack you. This will help you to take steps that will succeed in thwarting attempts to encrypt your files. And even if a ransomware manages to encrypt your files, you will still have a safe backup copy somewhere in the cloud or on an external hard disk.


  • Use external backup drives correctly


This is the cheapest and easiest way to protect yourself from ransomware. Unfortunately, this isn’t efficient or effective in most cases. What you could really do is, connect the external hard disk as little as possible to your computer. Do not let it remain connected to the computer even when you are not using it. This will allow ransomware to attack your external device and encrypt files stored on it too.

Also, you should begin to use backup programs that have versioning feature. Versioning enables you to retain backups of older versions of data, so that if a hard disk is maliciously encrypted, you will always have an older version of the disk to fall back upon. This is not a perfect method to tackle ransomware, as your recent changes will be lost.


  • Start using cloud-based backups


Cloud-based backups are always on but the files do not get uploaded quickly. However, this works in your advantage, when it comes to ransomware. Even if a ransomware encrypts your data, it will take days to weeks for it all to get uploaded. Meanwhile, you can contact your backup service company and ask them to wipe and reinstall. This will again result in recent changes being lost but at least, you will not lose all the data.

Cloud-based backups are safe at the moment, though ransomware attacking cloud-data is not too far-fetched. If you make regular backups to your cloud service, chances are, there will always be a version that hasn’t lost a lot of changes that were made recently.


  • Do not open suspicious emails or links


Most attackers send spam messages and hope that you will click on an email or link that will allow them to install the ransomware on your device or computer. So, first and foremost, use discretion while downloading attachments, opening suspicious links or emails. Even if these emails originate from an address or contact you recognize, bear in mind that anyone’s email account can get hacked. If you sense the tone of the email or the language that is used is different from the person you know, do not click on the link or attachments.

Most of the times, ransomware gets installed after people click on links sent by people whom they know. Always train your employees to right-click on attachments and scan them before opening them. If you train your employees well enough, they will become an integral part of protecting your company against ransomware attacks. In other words, employee training is a crucial part of protection against ransomware.


  • Invest in a good anti-malware tool


While most traditional malware protection tools do not offer security against ransomware, there are a few programs that do help in decrypting files after known ransomware strains have affected them. In fact, technology is still better than training your employees to be careful, as there will always be an exception when an employee clicks on a file by mistake and ransomware gets installed. Several companies specialize in decryption tools, as long as there is a backup file available.


  • Disconnect from Internet


The moment you realize you are infected, the most important thing to do is to disconnect all your devices or computers from Wi-Fi or Internet. This ensures that the ransomware does not spread to other computers or devices. Once you are offline, you can begin to assess which files have been infected and how much of data can be salvaged. It is only when you are online that malicious attackers can target your file. If you remember this fact, you will be able to protect yourself better.


  • Do not pay the ransom


While this may sound drastic, it is exactly what the cops advise when someone has been kidnapped. If you paid the ransom, the attackers will know that you are vulnerable and will use that to attack you a second time. You cannot simply keep paying ransom to attackers each time they decide to attack your files. The only feasible option is to protect yourself from ransomware attacks. Paying a ransom is known to increase the likelihood that you will be directly targeted next time, as your attackers know of your vulnerability.


  • Restrict access to files


Speak to your cloud computing vendor how you can restrict access to your files by your employees. There is no reason why a person should be able to access a file even after he or she has left the office for home, on a particular day. Ensure that files are accessible to employs only when they are using them. This will ensure that mapped drives are not always accessible to employees.

One doesn’t have to be powerless against ransomware

It is always scary to read about ransomware and how these cybercriminals managed to squeeze out large sums of money from victims. However, one does not have to be powerless in face of a ransomware attack, as elucidated in this article. Certainly, protecting ourselves against ransomware requires us to be extra-vigilant and take a number of safety steps.

Using external backup drives correctly, using cloud-based backups, not clicking on suspicious emails or links, training employees, investing in a good anti-malware tool, etc can help to protect your files from being attacked by ransomware. When the attack does take place, do not pay the ransom. Instead, disconnect from the Internet and ensure that more devices and computers are not infected.  

If you are well prepared and have a contingency plan in case of an attack, you will be able to salvage most of your files from the backup, or even avoid ransomware attacks altogether. Knowing this should certainly put your mind at ease.

Page Scrolled