How to Prevent Yourself from Becoming a Ransomware Victim

Credit: ID 92722392 © Aleksandr Velichko | Dreamstime.com

Every time you connect to the internet, whether it's from a computer, tablet, or smartphone, you are vulnerable to cyberattacks from outside threats and hackers. One of the most common forms of cybercrime today is known as ransomware, which occurs when a hacker manages to lock and encrypt data on your device and demand a payment in order to release the information.

Ransomware attacks are very often targeted at businesses, governments, and public institutions, though more recently they have spread to individual internet users as well. In particular, the cryptocurrency community has become extremely vulnerable to such attacks. New schemes like the Kraken Cryptor virus will lock down the computers of digital investors.

Fortunately there are a number of steps you can take to protect yourself and your organization or family from ransomware attacks. And if you do happen to fall victim, we'll tell you what steps to take next.

Monitor and Filter Email

A significant portion of ransomware attacks come about as the result of phishing scams, where a criminal sends out spam to a group of email addresses and pretends to be connected to a legitimate company. For example, you may have received a suspicious email claiming to be an account alert from Amazon, Apple, or a credit card firm.

These days, many phishing scams are pretending to be related to cryptocurrency platforms and exchanges. The messages might say that you have a pending transaction that needs your approval. But when you click on the link in the message, it will direct your browser to an unsafe web page. Some ransomware attacks also originate from malicious attachments in an email.

Reports indicate that 93 percent of phishing emails today are related to a ransomware scheme. Individuals who follow the rogue links or open the attachments within these messages will inadvertently install malware on their device that gives the attackers the ability to encrypt system data.

As a protective measure, you should always have a strong junk filter enabled on your email account. This, of course, will not be able to block all spam, so you also need to be extremely diligent when opening messages and following links. Always check the sender address and the URL of the clickable link. If something looks suspicious, close and delete the message right away.

Stop SQL Injections and XSS Attacks

If you run a public website, even if it's just as a hobby or side business, you have the duty to protect your visitors from outside threats that could lead to ransomware attacks. The two most common website vulnerabilities are SQL injections and cross-site scripting (XSS) attacks.

A SQL injection targets the back-end database of a website, typically by exposing a security flaw in a URL request or input field. This could allow an outside hacker to gain read access to sensitive data, including local passwords. If such an event occurs, then the attacker could lock all website access and issue a ransom demand to the owner.

To prevent a SQL injection attack, you need to evaluate every line of code that includes a direct call to your back-end database. These functions need to check for special characters that could simulate a SQL query and restrict them from being used. In addition, make sure your firewall is set up to block all unnecessary access to the local database.

XSS attacks are similar to SQL injections except they occur at the browser level, typically through a comment or other text field. An attacker will enter rogue JavaScript code and force it to appear on the webpage for all other visitors to see. The code will then redirect the users to an outside website that operates as a phishing scam.

Like with SQL injections, you should validate all input entries processed by your web server and block anything that could potentially be used for XSS attacks. Languages like Java and PHP have pre-built libraries that can help you automatically sanitize the inputs received.

Run Regular Backups

The target of a ransomware attack is usually the hard drive memory on your computer or mobile device. The criminal will block you from accessing the information through a method of encryption that only they can unlock. Encryption is a process that renders data unreadable - or in the case of an image, unviewable - by scrambling the characters with a cipher and requires a decryption key to unscramble. As a result, data backups are often the fastest short-term measure of recovering from a ransomware attack.

Both companies and individuals need to be diligent about how and when they back up their digital data. Daily snapshots should be sufficient for most cases, but if your computer contains sensitive information that changes on a rapid basis, then you should look into robust solutions that offer hourly backups.

Backup products on the market today offer an incremental feature that stores one primary snapshot of your hard drive and then tracks individual changes in the future. This way, only small additions are made to your backup system, which will improve the speed of each snapshot process and reduce the amount of extra storage space you require.

React Quickly

Even if you've followed all of the above steps and believe you are fully protected from ransomware, you still need to have a plan of what to do if an attack becomes real. On average, about 50 percent of businesses end up paying a ransom to try to remove the malware. But even if you agree to the criminal's demands, there's still no guarantee that you will get all of your data and access back.

The Bottom Line

In the immediate aftermath of a ransomware attack, you should take an initial snapshot of all affected systems so that you have a point of reference moving forward. Then, before reverting back to an older backup, take the time to assess the full situation and determine how much data is at risk. If you catch the attack quickly enough, you will likely have time to isolate the malware and limit its impact.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags hackersmalwarephishingdata protectionransomwarecyberattacksransomware attackscybercriminals

More about AmazonApple

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Sam Bocetta

Latest Videos

More videos

Blog Posts