10/13/2017

Go From Ransomware Survivor to Ransomware Warrior in 6 Easy Steps

An ounce of prevention is worth a pound of cure

Ransomware is a kind of malware that locks your computer and prevents you from accessing your data unless a ransom is paid. Ransomware does not discriminate: In recent years, it has locked personal computers, Fortune 500 companies and government agencies.

1. Upgrade Regularly and Patch Early and Often

If your computer has an old operating system, such as Windows XP, cyber security experts highly recommend that you upgrade to a newer operating system as soon as possible. Eventually, manufacturers stop making security updates for old operating systems, and if you don’t get a newer operating system, hackers can use the weaknesses in your old system to steal your information.

Also, make sure that you have the latest security updates and patches for your operating system. The sooner you patch, the fewer open security holes remain for hackers to exploit. Learn how to enable automatic updates to your operating system. And don’t forget updates for other software programs such as Java, Adobe Flash, Adobe Shockwave, Acrobat Reader, QuickTime or web browsers like Chrome, Firefox or Internet Explorer.

2. Give the Least to Get the Most

Permissions allow you to say who has access to certain files on your computer.  For example, you can set a permission that prohibits some employees from adding or deleting files. A simple rule is to tailor permissions to job functions, e.g., a human resources employee does not need to have access to billing data.

3. Use the Tools, Security for All

There are a wide variety of security tools and your defenses can range from a simple antivirus program to a comprehensive security package with network monitoring. At a minimum, make sure that you have an up-to-date antivirus program and firewall. 

4. Back Up and Test

Backing up your computer is still the single most important defense against ransomware. The idea is to back up important data daily, so that even if your computers and servers are hacked and locked, you won't be forced to pay to get back your data. Make sure your backup drives are always disconnected from your system and placed in secure tamper-resistant storage. And, most importantly, don’t forget to test and update your backups regularly.

5. Got a Bug? Check for Remedies!

If you sense weird activity on your machine, disconnect it immediately from the internet or other network connections (such as Wi-Fi or Bluetooth). This will prevent the infection from spreading. However, if your computer has already been infected, check online for free decryption tools that allow you to unlock your computer without paying a ransom. For example, the No More Ransom Project offers resources to identify the type of ransomware infection and look for the appropriate decryption tool. The article, “Best anti-ransomware tools” from Tech World, also lists a number of security tools focused on ransomware.

6. Strengthen Your Weakest Link

Despite an organization’s best efforts to strengthen its cyber network and security, human behavior can be the weakest link in your security efforts. Educating employees about phishing scams, malware, and other cyber issues can go a long way to secure your organization against cyberattacks. The Ohio Attorney General’s Office offers free presentations for businesses to learn more about cybersecurity.

To learn more, please visit http://www.ohioattorneygeneral.gov/Business/CyberOhio.