November 30, 2015

10 tips to protect your files from ransomware

Advice Security Tips

Ransomware has become one of the most notorious cyberthreats. Once a ransomware Trojan infiltrates your system, it stealthily encrypts your files, including your valuable documents, videos and photos. This entire process runs in the background so the victim is not aware of the problem until it’s too late.

10 tips to protect your files from ransomware

When done with its dirty business, the Trojan informs the user that their files are encrypted. If the victim wants to retrieve their files, they will have to pay a ransom, which is usually several hundreds of dollars, typically paid in bitcoins. Many victims of ransomware do not have a strong knowledge or background in technology, so the inconvenience is doubled as they often have to find our what a bitcoins are and then where they can go to obtain them.

What makes ransomware a particularly vicious scam is that the encrypted files being held ransom are still being stored on the user’s computer. This unto itself is a very sad and frustrating reality as the files are not retrievable without the unique encryption key.

It is becoming obvious that ransomware is a big issue that Internet users should pay more attention to in order to preventing infection. After all, it is much harder to deal with the consequences afterwards.

Here are 10 simple tips to protect your data from ransomware:

  1. Make sure that you back up your important files regularly. It is highly recommended that you create two back up copies: one to be stored in the cloud (using services like Dropbox, Google Drive, etc.) and the other recorded to a physical means of storage (portable hard drive, thumb drive, extra laptop, etc.). Once your back up copy is ready, make sure you set up certain restriction for the files: your ‘Plan B’ device should have only read/write permissions, without an opportunity to modify or delete the files. Your back up copy could save you in all kinds of circumstances, including the accidental removal of the critical file or drive failure.

  1. Regularly check that your back up copy is ok. There are times when an accidental failure can inflict damage to your files.
  1. Cybercriminal often distribute fake email messages mimicking email notifications from an online store or a bank, luring a user to click on a malicious link and distribute malware. This method is called phishing. With that in mind, fine-tune your antispam settings and never open attachments sent by an unknown sender.
  1. Trust no one, literally. Malicious links can be sent by your friends on social media, your colleague or online gaming partner whose accounts have been compromised in one way or another.

  1. Enable ‘Show file extensions’ option in the Windows settings. This will make it much easier to distinguish potentially malicious files. As Trojans are programs, you should be warned to stay away from file extensions like “exe”, “vbs” and “scr”.You need to keep a vigilant eye on this as many familiar file types can also be dangerous. Scammers could use several extensions to masquerade a malicious file as a video, photo, or a document (like hot-chics.avi.exe or doc.scr).
  1. Regularly update your operating system, browser, antivirus, and other programs. Culprits tend to exploit vulnerabilities in software to compromise systems.
  1. Use a robust antivirus program to protect your system from ransomware. We recommend Kaspersky Internet Security, which prevents viruses from getting into your computer, or, should the virus infiltrate your system after all, protect important files using its special capability.

  1. If you discover a rogue or unknown process on your machine, cut off the Internet connection immediately. If the ransomware did not manage to erase the encryption key from your computer, there’s still a chance you can restore the files. However, the new strains of this type of malware use a predefined key, so this tip, unfortunately, would not work in that case.
  1. If you are unlucky to have your files encrypted, don’t pay the ransom, unless the instant access to some of your files is critical. In fact, each payment fuels this unlawful business which would prosper as long as you pay money.

  1. If you have been infected by ransomeware, you should try to find out the name of the malware: maybe it’s an older version and it is relatively simple to restore the files. Ransomware used to be less advanced in the past.Moreover, the police and cybersecurity experts (including those working for Kaspersky Lab) collaborate to detain the adversaries and provide file restoration tools online. Some people have an opportunity to decrypt their files without having to pay the ransom. To check whether it’s possible, visit kaspersky.com