How to Protect Against Ransomware

We live in a time of ever-increasing digital security threats. Ransomware is one of those threats. You’ve probably heard of it. It’s gathered a lot of media coverage with high-profile attacks in recent years. But, the threat isn’t just against corporate entities, financial institutions and government departments. Little old you and me – regular Joes – are also increasingly at risk from ransomware attacks. Not at the scale or magnitude of those high-end targets but, nevertheless, from bad actors that can cause enormous harm to our privacy, finances and mental well-being. So, in this article, we look at how to protect yourself from ransomware.

What is ransomware?

Ransomware is a type of malware. The term ransomware covers a wide variety of attacks which seek to encrypt data and hold the data ransom until the owner of the data pays a fee for its release. This is usually achieved through the installation of a malicious program (which contains and deploys the ransomware) on the device.

Types of ransomware

There are several flavors of ransomware but there are four main categories:

1. Encryption. Utilizing advanced encryption techniques, ransomware securely locks away sensitive data – rendering it inaccessible without the necessary decryption key.
2. Lockers. Lockers lock down your computer and render it useless, prohibiting you from working or utilizing any of its features until the ransom is paid.
3. Scareware. Scareware can be a real nuisance, aiming to terrify users into purchasing software they don’t need. In some cases, it’ll launch unsolicited pop-up ads that persist until the user reluctantly pays for their removal.
4. Doxware/Leakware. Doxware or leakware may be used maliciously to blackmail victims by threatening to expose personal or company information if a ransom is not paid. This is being used more by hackers. In fact, in 2021 a staggering 77% of ransomware attacks carried the additional threat of publicly leaking confidential data. This is a major threat to both an individual’s privacy but also large organizations that have confidential information and intellectual property.

And the threat doesn’t only remain on one single infected device. If so designed, when in a suitable connected environment, a ransomware infection can spread across an entire network, jeopardising countless more important data.

The cost of ransomware

The impact of ransomware is escalating each year and it is predicted to increase tenfold by 2031. That’s why it isn’t anything to be trifled with. While the figures show the most damage to corporations and large enterprises (private and public), there is also a risk to everyday internet users. Here are some scary statistics that should prompt you to take ransomware seriously and take steps to protect yourself from ransomware attacks.

1. In 2021, the global cost of ransomware was $20 billion. It is projected to reach a staggering $265 billion by 2031. (Cybersecurity Ventures)
2. An alarming 37% of businesses and organizations experienced some form of ransomware in 2021.(Sophos)
3. The average cost for a business to recover from a ransomware attack in 2021 was $1.85 million.(Sophos)
4. Unfortunately 32% end up paying the ransom but more infuriatingly they only get 65% of their data back on average.(Sophos)
5. Just 57% of businesses successfully recover their data from backups.(Sophos)
6. The average ransom demand paid in 2021 was over $220,298 in 2021. Ransom demands levied on small businesses averaged $5,900.

Some of the most notorious ransomware attacks include Cryptolocker (which infected 1 million + machines with a small ransom of $100-$300); Darkside (which inflected the Colonial Pipeline and for which a $5 million ransom was paid); SamSam (which was used to attach the city of Georgia leaving 8000 employees without computers, and citizens unable to pay water bills and parking fines); and WannaCry (a global, widespread ransomware attack on institutions on a mass scale).

Below is a ransom message from the ransomware infection Netwalker.

Can you protect yourself against ransomware?

Staring at a locked laptop screen and threatening message is truly stressful. What do you do? How do you proceed? Will your data be ok? What about your confidential files? Can this be ignored? Should I pay up?

The best approach to ransomware is to be one step ahead and take measures to reduce your risk of becoming a ransomware victim in the first place. So yes, you can, and should, protect yourself against ransomware.

Some steps are simple, some more involved, and some will require some investment of time and perhaps money to ensure you have the best framework in place to protect against ransomware infecting your system.

But the first place to start is awareness. Be aware that ransomware infections can be caused through various means. For example, there are many fraudulent and insecure websites waiting for you to visit. Or, the countless dodgy downloads concealing ransomware, just waiting to be released on your computer. And then there’s that spam email you receive, some of which no doubt will be malicious emails offering enticing links to sites hiding ransomware with the intent to extort money from you. That’s why the first step is to be aware and alert to the risks and the most common ways attackers will exploit a victim.

The most common ways that ransomware infects computer systems

Attackers use an array of methods to get their malicious software on your machine, but these are the most common methods:

1. Phishing emails 

According to the FBI, malicious emails containing files or links continue to become more sophisticated and targeted. If one were to click the link or open a file included in these emails, then their computer will be infected with ransomware. Phishing attacks have become increasingly common as attackers refine their tactics for maximum impact.

2. Remote Desktop Protocol

Remote desktops provide cybercriminals with the capability to access a computer’s data via the internet. To acquire user credentials, they may attempt multiple login combinations until one is successful or identify compromised passwords on the dark web for the installation of malicious software.

3. Software

Ransomware attackers are able to exploit security flaws in common software applications, allowing them access to a user’s system and ultimately enabling the installation of malicious programs.

Know your security vulnerabilities

You could be a potential target of a ransomware attack, as there are several conditions that might put you at risk.

• The technology you use, like a computer, is outdated
• Your device uses older, outdated software and legacy systems
• The browsers or operating systems are not patched by the provider
• You do not have an adequate backup plan
• You haven’t paid attention to cybersecurity measures.

Any one of these can make you vulnerable to a ransomware attack. Keeping on top of the above, installing updates regularly, and implementing a backup plan are all best practices, and can be done simply, but it takes time, and may be overwhelming for some of us. If you need help staying on top of your security vulnerabilities, then some cybersecurity software, like Bitdefender, Kaspersky, Acronis can scan your system and identify those parts of your operating system or installed programs that might be at risk.

How to protect against ransomware

1. Use Common Sense

As previously mentioned, the first step in protecting yourself against ransomware attacks is to be aware. that’s the best defense to start with. Be aware of the ways in which this malicious software can infect your computer. And then, avoid those things! The following list should be common sense really. If you can’t trust the origin of something, then don’t click on it, install it, or shove it in your USB drive. However, it is helpful to remind ourselves of these things:

Do not click on suspicious links

Never tap on links in spam emails or on dubious websites. If you accidentally click on a malicious link, an automatic download could start that would compromise your system and put it at risk of infection.

Do not share personal information 

Be cautious of any untrusted calls, texts or emails asking for your personal information. Cybercriminals often use this method to gather data which they then manipulate into tailored phishing messages directed at you. In case of doubt regarding the authenticity of a message that you have received, contact the sender directly and make sure it is legitimate before responding in any way.

Don’t open suspicious email attachments

To guard yourself against ransomware threats, it’s essential to be vigilant when examining email attachments. Before opening any suspicious-looking files, take the time to investigate who sent them and ensure that their address matches who they claim to be. Additionally, never open attached contents asking you to run macros—this is a telltale sign of infection! Opening such an attachment will activate malicious code granting malware access to your device. According to Symantec, Microsoft Word documents with .DOC and .DOT extensions are the most frequent targets of ransomware attacks.

Don’t insert untrusted USB drives

Be extremely cautious about plugging USB sticks or other storage devices into your computer if you’re unaware of their origin. It’s possible that malicious actors have infected the device and left it in a public area, hoping to draw unsuspecting people in. To protect yourself from cybercrime, only connect media sources which are familiar and trustworthy!

Keep your programs and operating system up to date 

Regularly updating programs and operating systems helps to protect you from malware. When performing updates, make sure you benefit from the latest security patches. This makes it harder for cybercriminals to exploit vulnerabilities in your programs.

Use only trusted sources for downloads

To avoid the potential of introducing ransomware to your devices, only download software and media files from trusted sources. Look for indicators like trust seals or “https” instead of “http”, as well as a shield symbol in the address bar that indicates page security. Additionally, when downloading something on your mobile device, make sure you are using either Google Play Store or Apple App Store – both reliable services depending on what type of phone you have.

Use a VPN on public Wi-Fi

To stay safe against ransomware, get in the habit of using a VPN on public Wi-Fi networks. Your device is exposed to heightened risks while connected to a shared network, so it’s best not to conduct sensitive transactions over these connections or use a secure virtual private network (VPN) service instead.

2. Be Pro-Active Against Ransomware

Windows Protected Folders

If you are a Microsoft Windows 10 or 11 user, there are some specific steps you can take to protect yourself. Microsoft understands how cyber-attacks such as ransomware can potentially jeopardize your data. For that reason, they’ve developed a secure anti-ransomware tool for both Windows 10 and 11 known as controlled folder access, which only permits trusted applications to access the documents on your computer. Any suspicious or malicious software will be blocked from entering through this feature!

To stay safe from ransomware, you will need to manually turn on the feature. You can even personalize it further by adding new applications and folders to its whitelist of programs that have access to your files; this surpasses the ones it protects automatically.

For instructions on how to use Windows protected folder, click here.

Paid / Free anti-ransomware software

You can be proactive and prevent ransomware attacks by using anti-ransomware software. Anti-ransomware software is often found bundled with antivirus software, where a suite of security tools offer endpoint protection from future attacks from new malware infection, malicious sites, infected devices, malicious links and other means.

In 2021, the success rate of ransomware attacks was 54%, however, 39% were blocked before any data loss via ransomware encryption. Clearly, anti-ransomware software can be effective in protecting against a substantial number of these cyberattacks. The best, most consistent antivirus software for protection against ransomware is Bitdefender. But there are other good options too.

Backup… properly

Protect yourself from ransomware by backing up your files. Ransomware is created to hold your valuable data captive until you pay the ransom, but if you have a backup of these files, there’s no need to succumb to extortion as you can restore them easily with one click!

However, when it comes to safeguarding against ransomware, not all backup techniques are equal. Selecting the appropriate data backup service is essential for mitigating risk – that’s why cloud-based storage and backups come so highly recommended over just backing up to an external drive connected to your PC. If you do opt for the latter method and then find yourself a victim of ransomware, chances are both your computer and backup drives will be encrypted as well.

Ensure that the cloud-based storage and backup solution you are using has versioning capabilities – this allows the system to not only backup files and retain a current copy but also any previous versions of those files. This way, if your most up-to-date documents become infected in some form or another, you can restore previous versions of files with ease.

To ensure you can quickly restore files when needed, it’s wise to become familiar with the versioning features of your current backup and storage services. Versioning is used by many providers. So, make sure you understand how this works in order to leverage its benefits.

One of the best and easiest backup programs is Blackblaze. It allows cloud backups and also backups to local drives so you can store them locally offline and have them available for quicker disaster recovery.

Update and patch software

Microsoft consistently releases Windows 10 and Windows 11 security patches that are automatically installed via Windows Update. But if you happen to come across any news about a ransomware attack or other malicious threats, do not hesitate to download and apply the update yourself—it is vital for securing your device from potential damage as soon as possible. On top of this, always ensure that Microsoft’s anti-malware tool: Windows Security has its latest definitions downloaded so that your system can stay safe at all times.

If you’re using Windows 10, navigate to Settings > Update & Security > Windows Update and click the Check for updates button. If you upgraded your computer to Windows 11, simply head over to Settings>Windows Updates and press the Check for Updates icon.

It is essential to stay up-to-date with not only Windows patches, but also any other software you are using. Ensure that your anti-malware programs and their malware definitions are continuously updated if they differ from the standard Windows Security. It’s essential to ensure that all your other computer software remains up-to-date too. Check how each program is updated, and make sure you stay current with the software updates on an ongoing basis.

Disable macros

To protect yourself from ransomware, it’s important to disable macros in your versions of Office. Fortunately for you, Microsoft now automatically deactivates them by default; however, depending on when and if you’ve installed the updates or not, they may still be enabled. To ensure that your system is safe from malicious code like ransomware–it’s critical to switch off these potentially harmful features. Protect yourself by disabling your Office application macros! Head to File > Options > Trust Center > Trust Center Settings, before selecting either the option of Disable all macros with notification or without. If you choose the former, when a file with potential macro threats is opened, an alert will appear notifying you that they were disabled and allowing for activation if deemed safe from a trustworthy origin. Always be sure of the source’s credibility prior to enabling these features.

I got infected with ransomware. What do I do?

In the business environment, the statistics show that it can be more costly to pay up than to refuse. So, if you’re business machines are infected, seek help first. Reach out to experts, get the guidance, especially if the demands are significant.

But what about us little guys? Having your data held for ransom is a very scary, stressful, and confusing situation. Thankfully, there are some security solutions out there that can help you recover your data.

Malwarebytes is probably the best ransomware removal tool. There’s 14-day free trial with full features after which there is a subscription. For a totally free option, there’s Avast Free Ransomware Decryption Tools or Kaspersky’s Free Ransomware Removal

The Final Score: How to protect against ransomware

Unfortunately, as the digital universe encroaches on our lives, there will always be new threats to our security and privacy. Ransomware is a more recent tactic that hackers have used to infiltrate and hold victims’ data for ransom. They do this by sneaking their malware onto your machine through downloads, spam emails, dodgy websites or even via macros in programs like Microsoft office. Once on your machine, they will typically encrypt your data and lock your computer with the promise of releasing it once you pay the ransom fee.

Firstly, the best cure is prevention. And it starts with awareness and commonsense. Avoid clicking, downloading or visiting anything suspicious. Use a VPN when on public networks. It helps protect you! Basically, avoid opening the door to strangers!

Secondly, be proactive: make sure your computer, operating system and programs are up to date. And use some anti-virus software like Bitdefender. While it won’t block 100% of malware, it will do a decent job of keeping the majority out.

Thirdly, make sure you do backups (in the cloud and also stored locally offline). That way should your data become encrypted, corrupted or lost, you have files ready to restore.

Finally, if you do become a victim of ransomware get help from special software. There are programs, like Malwarebytes that offer effective ransomware removal tools.

Ransomware is just one threat. Make sure you implement secure measures like VPNs, password managers (even a free password manager) and backup software to limit loss and reduce risk. As always, be smart and stay safe.