Best Practices to Protect yourself against Ransomware
Best Practices to Protect yourself against Ransomware
Ransomware is a malicious software that cyber-criminals use to hold your
files (or computer) for ransom and requiring you to pay a certain amount of
money to get them back by encrypting your files. Since its been discovered,
Ransomware has been growing at a tremendous speed with more and more users being
infected, both companies and consumers. This is critically affecting the
productivity & reputation of many companies, which many of them are paying in
the end.
Even if your organization is not protected by a comprehensive
network security solution like Sangfor
NGAF, there are still a few things that you do to prevent or at least
minimize the damage.
1. Backup Your Data
Not only against Ransomware,
doing a regular backup of your data can help you whenever your computer or
network encounter a failure. Remember to do it on an external driver (better if
password protected), which should be disconnected when not in use. This will
avoid any access from it by Ransomware.
2. Show Hidden-Files extensions
By default, some
Windows systems will hide known file-extensions (e.g.: “FILE.PDF.EXE”), so
people might not be able to recognized a potential threat when they see it.
Cyber-criminals know about this and will disguise the file under another name.
By enabling show hidden-file extensions, you will be able to easily spot
suspicious files.
3. Make Sure Your Computer is Up-To-Date
Many
cyber-criminals will rely on existing vulnerabilities of users running outdated
software to get access to their computer. Whenever possible, remember to do
regular update of all your software, including OS system, and if possible let it
run automatically for better convenience.
4. Do a System Restore Whenever Necessary
Remember
to enable System Restore (if you are using Windows) whenever possible. This
might help you to take back your system to a state before being infected by
Ransomware.
5. Disable Remote Desktop Protocol (RDP)
Cyber-criminals might get access to your Computer through Remote Desktop
Protocol (RDP), which is a tool available in Windows to allows others to access
your desktop (for technical support & others). If you do not use it in your
company, it is a good idea to disable it just in case.
6. Be Quick: Disconnect Your Internet Connection
If
you suspect that your Computer got infected after opening a file with
Ransomware, disconnect all connections to Internet IMMEDIATELY by closing your
Wi-Fi connection and/or unplug your LAN cable. This will delay or stop the
communication with the C&C server before it finishes encrypting your files, and
if you are lucky, it might save you.
7. Filter “.EXE” files in Emails
If your Company has
a gateway email scanner and if it can filter files according to their extension
(e.g.: .EXE), it could be a good idea to deny emails with the .EXE extension as
it is really not often used on a daily basis.
8. Use a Reputable Anti-virus, Anti-malware and Firewall
solutions
Even if this is only useful on a user-basis, it is always
nice to have your own computer protected with a good anti-virus, malware and
firewall solutions to help you identify and stop potential threats. There are
many free software’s available on Internet, so if you do not have one at the
moment, go and download them now!
9. Disable macros in Microsoft Office files
Microsoft
Office documents containing built-in macros can contain embedded code written in
programming language (VBA) and be dangerous as they can become a potential
vehicle for malware such as Ransomware. Disable it for further security.
10. Last but not the Least, Educate your Users!
All
the above advices are only useful if followed by every employee in the Company.
That is why IT managers have to make sure that everyone knows about the risks of
Ransomware, what it could do, and how to protect yourself or at least minimize
its damage.
How Sangfor NGAF can help Organizations
Sangfor
NGAF is the world 1st fully integrated NGFW (Next Generation Firewall) + WAF
(Web Application Firewall). It can help you provide a comprehensive network
security protection against current, emerging and future threats.
Below are
the main tools integrated in Sangfor NGAF that can help prevent your
Organization being affected by Ransomware.
• Anti-Phishing: Send out
alerts on suspicious emails that could bring in Ransomware.
• Anti-Virus:
Clear out known Ransomware according to over 1+ million signatures in SANGFOR
database.
• Sandboxing: Detect and block emerging and new Ransomware by
cloud-based threat analysis.
• Anti-Malware: Damage remediation - keep
Ransomware from spreading via corporate network and even block the encryption
process.