What Is Ransomware? Follow These steps And Stay Safe Keep Your System

Ransomware May 16, 2017

Computers across the world were locked up and users’ files held for ransom when dozens of countries were hit in a cyberattack that targeted hospitals, companies and government agencies.
Here’s all you need to know how malware and ransomware work and what you need to do to your data safe.

What is ransomware?

It is a type of malware that essentially takes over a computer and prevents users from accessing data on it until a ransom is paid in bitcoins.

In most cases, the software infects computers through links or attachments in malicious messages known as phishing emails. The software usually is hidden within links or attachments in emails. Once the user clicks on the link or opens the document, their computer is infected and the software takes over.

What kind of files are being targeted?

1.Commonly used office file extensions (.ppt, .doc, .docx, .xlsx, .sxi)

2.Less common and nation-specific office formats (.sxw, .odt, .hwp)

3.Archive and media files (.zip, .rar, .tar, .bz2, .mp4, .mkv)

4.Emails and email databases (.eml, .msg, .ost, .pst, .edb)

5.Database files (.sql, .accdb, .mdb, .dbf, .odb, .myd)

6.Developers’ source code and project files (.php, .java, .cpp, .pas, .asm)

7.Encryption keys and certificates (.key, .pfx, .pem, .p12, .csr, .gpg, .aes)

8.Files used by graphic designers, artists and photographers (.vsd, .odg, .raw, .nef, .svg, .psd)

9.Virtual machine files (.vmx, .vmdk, .vdi)

How can you prevent an attack?

1. First and foremost, be sure to back up your most important files on a regular basis.
Ideally, backup activity should be diversified, so that the failure of any single point won’t lead to the irreversible loss of data. Store one copy in the cloud, resorting to services like Dropbox, and the other on offline physical media, such as a portable HDD.

An efficient tactic is to toggle data access privileges and set read/write permissions, so that the files cannot be modified or erased. An additional tip is to check the integrity of your backup copies once in a while.

2. Personalize your anti-spam settings the right way.

Most ransomware variants are known to be spreading via eye-catching emails that contain contagious attachments. It’s a great idea to configure your webmail server to block dubious attachments with extensions like .exe, .vbs, or .scr.

3. Think twice before clicking.

Dangerous hyperlinks can be received via social networks or instant messengers, and the senders are likely to be people you trust, including your friends or colleagues. For this attack to be deployed, cybercriminals compromise their accounts and submit bad links to as many people as possible.

4. Patch and keep your operating system, antivirus, browsers, Adobe Flash Player, Java, and other software up-to-date.

This habit can prevent compromises via exploit kits.

5.Keep the Windows Firewall turned on and properly configured at all times.

6.Deactivate AutoPlay.

This way, harmful processes won’t be automatically launched from external media, such as USB memory sticks or other drives.
7. Make sure you disable file sharing.

This way, if you happen to get hit, the ransomware infection will stay isolated to your machine only.

8.Users and administrators of older Windows systems such as Windows XP, Vista, Server 2008, and Server 2003 should get an update to a newer version.

9. Enhance the security of your Microsoft Office components (Word, Excel, PowerPoint, Access, etc.).

In particular, disable macros and ActiveX. Additionally, blocking external content is a dependable technique to keep malicious code from being executed on the PC.

10.Trust no one. Literally
Never open attachments in emails from someone you don’t know. Cybercriminals often distribute fake email messages that look very much like email notifications from an online store, a bank, the police, a court or a tax collection agency, luring recipients into clicking on a malicious link and releasing the malware into their system.