Ransomware stops you from using your PC. It holds your PC or files for “ransom”. Here we talk about what ransomware is and what it does, and provide advice on how to prevent and recover from ransomware infections.
Last week, a massive cyber-attack using tools believed to have been stolen from the US National Security Agency (NSA) struck organisations around the world.
Cyber-security firm Avast said it had seen 75,000 cases of the ransomware – known as WannaCry and variants of that name – around the world.
There are reports of infections in 99 countries, including Russia and China. Among the worst hit was the National Health Service (NHS) in England and Scotland. (Read more on this cyber-attack here).
What does Ransomware do?
There are different types of ransomware. However, all of them will prevent you from using your PC normally, and they will all ask you to do something before you can use your PC, usually showing some sort of warning screen (see below).
- Prevent you from accessing Windows.
- Encrypt files so you can’t use them.
- Stop certain apps from running (like your web browser).
Ransomware will demand that you pay money (a “ransom”) to get access to your PC or files. We have also seen them make you complete surveys. There is no guarantee that paying the fine or doing what the ransomware tells you will give access to your PC or files again.
Here’s a checklist to ensure the best protection against ransomware (courtesy of Heimdal Security)
Locally, on the PC
- Don’t store important data only on your PC.
- Make sure you have 2 backups of your data: on an external hard drive and in the cloud – Dropbox/Google Drive/etc.
- The Dropbox/Google Drive/OneDrive/etc. application on your computer is not turned on by default. Open them once a day, to sync data, and close them once this is done.
- Your operating system and the software used is up to date, including the latest security updates.
- For daily use, don’t use an administrator account on my computer. Use a guest account with limited privileges.
- Turn off macros in the Microsoft Office suite – Word, Excel, PowerPoint, etc.
In the browser
- Remove the following plugins from my browsers: Adobe Flash, Adobe Reader, Java and Silverlight. If you absolutely have to use them, set the browser to ask if you want to activate these plugins when needed.
- Adjust ‘my browsers’ security and privacy settings for increased protection.
- Remove outdated plugins and add-ons from browsers. Only keep the ones you use on a daily basis and keep them updated to the latest version.
- Use an ad blocker to avoid the threat of potentially malicious ads.
- Never open spam emails or emails from unknown senders.
- Never download attachments from spam emails or suspicious emails.
- Never click links in spam emails or suspicious emails.
Anti-ransomware security tools
- Use a reliable, paid antivirus product that includes an automatic update module and a real-time scanner.
- Understand the importance of having a traffic-filtering solution that can provide proactive anti-ransomware protection.
Check out our range of external data storage and make sure all your important files and data are backed up in case of such attacks.
For more information on how to identify and prevent ransomware attacks, visit the ransomeware section of the Microsoft website.