Unlike other types of malware, you can’t just clean up the ransomware and get on with your day. A regular virus will not destroy all your data and backups. This is why ransomware is a danger that you need to prepare for in advance.
«If I didn’t run protection against ransomware,» said director Adam Kujawa Malwarebytes Labs. «If you haven’t backed up beforehand, then you’re really out of luck.»
Are you in danger?
Sure, a ransomware attack It can be bad, but not all dangers present the same level of risk. For example, the impact of a killer asteroid is a known danger. Should we spend billions of dollars to build a defense against a threat that only occurs once every 100 million years? Not necessarily, because the risk of real impact is quite low. So when it comes to ransomware, you need to consider what is your level of risk of permanent data loss.
Part of assessing your risks is to consider how prepared you are for an attack. Are various things you can do so that your data be relatively safe. Because ransomware can and will encrypt any file it finds on your computer or on a connected network, choose a backup solution that doesn’t make your files easily accessible.
One of these solutions is to «make room» on the backup drive, which means that it is not constantly connected to your computer or network. Another option is a backup tool that uses version control so you can restore versions of your files before any disaster. If you have a secure, isolated backup, a ransomware attack might be awkward, but you can get rid of it without too much difficulty.
Combined with common sense precautions, such as not clicking on links you don’t trust, this is fairly standard computer hygiene. There are also some easy ways to add ransomware protection to your computer without installing another security program. Your existing antivirus package may already provide some protection. For example, if you’re using Windows Defender, Windows 10 default antivirus, has built-in ransomware protection, but is disabled by default.
Yes Enable Windows Defender Ransomware Protection «Controlled File Access», the software will protect regular folders, such as Documents and Images, from unauthorized changes. If a ransomware application can’t access your Documents folder, it won’t be able to encrypt your files – play, configure, combine! There are also free applications such as RansomBuster of Trend Micro, which works in the same way.
Unfortunately, this approach is not infallible and can be cumbersome in practice. Many programs legitimately need to access your document folders on a regular basis, so you may need to put a lot of permission pop-ups.
Ransomware remains a serious threat
Some experts believe that the heat is not in the computers at home. Criminals tend to focus their efforts on victims with a lot of money. The Check Point 2020 cyber security report agrees with this assessment:
«In 2019, we saw an escalation of sophisticated and targeted ransomware exploits. Specific industries have been severely victimized, including state and local governments and healthcare organizations. «
The 2019 headlines were full of stories about these attacks, including about the successful attacks on over 70 state and local governments. If you are not a bank or city government, you may have less to worry about ransomware in 2020 than you did a few years ago, because today’s ransomware attacks are more targeted.
In addition, a 2019 study on ransomware trends by RecordedFuture noted that the total number of ransomware campaigns could increase steadily, but «the truth is that most of these campaigns are ineffective and disappear quickly.»
This is good news for your home computer, especially if you don’t want to run another cyber security application. However, I have not yet left the forest.
«It’s easy to conclude that ransomware is no longer a problem for consumers,» Kujawa said. «But we know, based exclusively on history, that cybercrime and tactics are cyclical. They turn around. Maybe we will see something that uses a technique developed to attack companies and is adopted by consumers. Perhaps a new tactic of exploitation or infection is available that generates a better ROI for cybercriminals to return to haunting consumers. «
Jonny Pelter, CEO al SimpleCyberLife.com, you agree.
«The volume of ransomware attacks has begun to stabilize, but the level of attacks remains high.»
This is true. Probes of CrowdStrike 2019 global security attitude documented that the number of victims who paid ransoms for attacks last year was double that in 2018.
«Of course, this will make the development and distribution of ransomware by cybercriminals much more profitable,» Pelter said. «Unfortunately, I am afraid that we are entering a period of satisfaction. As ransomware attacks disappear from the mainstream media, people misinterpret this as a decrease in the number of ransomware attacks, which is unfortunately far from the truth. «
Ransomware prevention software
All of this means that you can be relatively safe in the short term, but it’s still a good idea to protect yourself with some ransomware prevention programs. While home computers have been relatively defenseless for several years, there are now many anti-ransomware packages to choose from, both free and paid.
Even standard antivirus packages now typically offer some level of protection against ransomware. However, many of these (and most free packages) are based on the same technology used by traditional antivirus programs. They detect known software signatures to recognize malware. The disadvantage of this approach, of course, is that it leaves you vulnerable to zero day infections.
Instead, most independent ransomware packages, such as Acronis Ransomware protection, Check Point ZoneAlarm Anti-Ransomware Yes Malwarebytes Anti-Ransomware Beta, detects malware through its behavior. These programs monitor the activity of applications and quarantine processes that perform suspicious actions, such as generating an encryption key or starting to encrypt files. This makes these programs much more effective in stopping ransomware, whether it is a known strain, new threat, or hybrid malware (both viruses and ransomware). And yes, there is something new to worry about.
«We see that more families of malware are adopting ransomware capabilities,» Kujawa said. «Where before he could have stolen some information, now, once he does, he could save your system and ask you for money.»
Whatever method you choose to protect your computer and data, remember: when it comes to ransomware, prevention and preparation are essential.
And the problem is likely to get worse. As Kujawa cried:
«Ransomware is the nightmare of my career.»