How to Protect Yourself from a Ransomware Attack

Catapulted into the public consciousness following the WannaCry attack that hit the NHS back in 2017, ransomware is a continuing threat to businesses and home users alike.

Ransomware is a type of malware that infects systems, encrypts data, and blocks it from being accessed without a unique decryption key, which will more than likely have a hefty price attached to it. If you don’t have an up to date backup of your data that you can restore, you’re in a bit of a mess; you either accept your data is gone forever, or you pay the fee to the hackers. In 2017, we wrote about the WannaCry ransomware attack that crippled the NHS and caused mass disruption, chiefly due to the fact that many NHS trusts were using Windows XP, which Microsoft had ceased providing updates for in 2014. 19,000 appointments had to be cancelled, and the total cost to the NHS was £92 million including the clean-up in the aftermath of the ransomware attack. In recent years, a new form of ransomware has become commonplace – doxware. Doxware attacks work in a similar way to regular ransomware attacks, but they steal a copy of the data and threaten to leak it until the ransom is paid. If your business deals with confidential data, then you’re in a difficult situation – as Sony found out in 2014. Sony Pictures were the victim of a very highly publicised doxware attack that saw private emails, film scripts and even full movies. When Sony called the hackers’ bluff, they uploaded the data to the internet, costing Sony hundreds of millions of dollars. In recent months, ransomware attacks have hit the Producers Guild of America, where cybercriminals demanded Bitcoin in return for the decryption key, and the Matansuka-Susitna borough in Alaska, where workers were forced to use typewriters. If this happened to a small to medium sized business, then it’s difficult to see how it wouldn’t cripple it.

While there is a trend of ransomware attacks becoming less frequent, they are becoming more sophisticated and more targeted – as Sony found out. So how can you protect yourself against ransomware attacks? Sadly, there are typically no obvious warning signs until it’s too late, but there are some steps you can take. Email is the top attack vector for ransomware, as it remains an easy way for cybercriminals to exploit human error. Often, criminals pay into human nature, and offer enticing offers that can ostensibly claimed by clicking a link. Ransomware can also be spread via websites, in what is known as an exploit kit, a tool that scans machines looking for any software with known vulnerabilities. If one is found, ransomware can be downloaded and installed to the victim’s computer.

The best way to protect yourself against ransomware attacks is education. If you’re a business, make employees aware of the dangers that can lurk in emails. One click is all it takes, and ransomware attacks will typically send out mass emails. You should always keep up to date backups, and conduct “ransomware drills” several times a year to ensure you have the best recovery time. If you’ve already been hit by a ransomware attack, it’s worth searching online to see if the master keys have leaked – many well-known ransomwares’ have. Malwarebytes, for example, have released versions for the Cimera and Petya ransomwares. It is advised by most experts that you shouldn’t pay the ransom fee, as this will only encourage further illegal activity.