The Sunday Mail
4IR Simplified
John Tseriwa
IMAGINE coming home one day and finding your door locked, with a note saying that someone has taken all your valuables and will only return them if you pay a hefty sum.
You have no idea who the culprit is or if they will keep their word. You are left feeling helpless, angry and scared.
This is what it feels like to be a victim of a ransomware attack.
Ransomware is malicious software that blocks access to your computer or files, often by encrypting them, and demands a ransom for their release.
According to several recent reports from cybersecurity firms, ransomware attacks are on the rise. Most of them show a significant jump in the number of incidents.
The attackers usually threaten to delete or expose your data if you do not pay within a specific time frame.
They may also provide you with a fake or faulty key that will not work, even after you pay.
Ransomware comes in different forms (such as what files they target, how they encrypt them and how fast they scramble them), but they must bypass security measures to infect a system.
Most hackers use some common ways of delivering ransomware, such as email, but there are other methods.
Criminals exploit weak security or human error to introduce malicious software that encrypts victims’ files and/or data, hoping their targets will pay to regain access.
Now, you could be wondering whether you must pay the ransom.
Whatever you decide to do, note that these are criminals. There is no guarantee that, if you pay the ransom, you will get back access to your computer or files, or the criminals will delete copies of your files they might still have.
Ransomware is a severe threat that you may be unable to avoid altogether, but you can take action to reduce the risk.
According to a leading cybersecurity company, Fortinet, below are some tips to reduce ransomware attacks.
Avoid clicking unverified links
If a link is in a spam email or on a strange website, you should avoid it. Often, hackers spread ransomware through a malicious link that initiates a malware download.
Once the malware is on your computer, it can encrypt your data, holding it hostage and only allowing someone with a decryption key to access it.
However, the malware has to get on your computer first, and the most popular method of spreading ransomware is through a malicious link. If a link has not been verified, it is best to leave it alone.
Scan emails for malware
Email scanning tools can often detect malicious software. The email can be discarded after the scanner detects malware, without ever reaching your inbox.
Typically, the malware in the email will be embedded in an attachment or inside a file within the body of the email.
Hackers have been known to insert images that appear innocent, but when you click on them, it instals ransomware on your computer.
Scanning for emails with these kinds of files can prevent your device or others on your network from getting infected.
Use firewalls and endpoint protection
Firewalls can be a good solution as you figure out how to stop ransomware attacks. Firewalls scan the traffic from both sides, examining it for malware and other threats.
In this way, a firewall can ascertain where a file came from, where it is headed and other information about how it travelled and then use that to know whether it is likely to contain ransomware.
Next-generation firewalls (NGFW) use deep packet inspection (DPI) to examine the contents of the data itself, looking for ransomware and then discard any file that has it.
With endpoint protection, individual endpoints are shielded from threats. Certain types of traffic are more prone to carrying threats, and endpoint protection can keep your device from engaging with those kinds of data.
Hackers may use malicious applications to infect your endpoints with ransomware. Endpoint protection will prevent designated endpoints from running these kinds of applications.
Only download from trusted sites
It is common for hackers to put malware on a website and then use content or social engineering to entice a user to click on the site.
Social engineering pressures the user, typically through fear, to get them to take a desired action, clicking a malicious link.
In many cases, the link itself may look innocent. If you are not familiar with the site or if its uniform resource locator (URL) looks suspicious, even though it appears to be a trusted site, you should steer clear of it.
Cybercriminals often create fake sites that look like a trusted one. Always double-check the URL of a site before downloading anything from it.
Keep backups of important data
Ransomware attackers like to exploit users who depend on specific data to run their organisations.
Since the data plays an integral part in daily operations, a victim may feel that paying the ransom to regain access to their data makes more sense.
You can avoid this temptation by backing up your important data regularly.
If your data is backed up on a device or location you do not need your computer to access, you can restore the stuff you need if an attack is successful.
It is essential to back up all critical data frequently. To sum up, cybersecurity experts advise not to pay the ransom. Paying will only encourage the hackers to continue their attacks.
Ransomware attackers may lose interest in this type of attack if they do not get paid. They may switch to another way of making money.
So, by not paying the ransom, you are protecting yourself and others who could be potential targets in the future.
John Tseriwa is a tech entrepreneur and a digital transformation advocate focusing on delivering business solutions powered by 4IR technologies. He can be contacted at: [email protected] or +263773289802.
