• Alistair Broom
  • 23 May 2017

Protecting yourself online – the threat of Ransomware

Over the last few days the headlines have been full of the ‘Wannacry’ ransomware cyber threat that has very publicly hit a lot of businesses worldwide. This is not the first and certainly will not be the last ransomware attack that we will see in the news, and even if you apply the patches to stop this particular ransomware and block this particular exploit, this does not mean you are protected against other variants.  Malicious coders will already have prepared other variants using different exploits and different attack vectors.

So how do you best prepare yourself and protect yourself as best you can? The first and most important step is education.  Most people now own or use at least one smart device or computer, but quite often do not understand the importance of their actions regarding protecting themselves.  Also, we all take for granted that our files will always be available whenever and wherever we want them.

What is ransomware?

Ransomware is malicious code that has been created to perform a function on your device that will result in you paying to regain access to your device or files.

This may take one of the following forms:

  • Encryption – This is where malicious code on your device will begin encrypting the important files on your device and/or network and then once this has been performed will display a message that you will need to pay a ransom to unencrypt and gain access back to these files.
  • Locking out your device – This type will block you from gaining access to your device or key features of your device until a ransom is paid.
  • Scamming – This is where you will receive warning pop up messages or background images that demand you pay to get something resolved.  These can be quite threatening and intimidating.  A good example of this is a fake pop up message that says you have a virus and you need to pay to get certain software to remove it.

How does it spread?

Ransomware can be spread to your device through (but not limited to) the following:

  • Receiving an email with a link or attachment that executes malicious code on your device once you have clicked on the link or attachment.
  • Being silently spread by another infected device that is on the same computer network.
  • Visiting a website that has malicious code in it that executes when you are on it.
  • Downloading an application or piece of software that contains the malicious code.

What devices are affected?

Many people think that only devices with Windows Operating System are vulnerable. Whilst this is true in the case of the WannaCry ransomware, this does not mean that other variants will not leverage vulnerabilities in other forms of operating systems. So, the short answer is, potentially any internet-enabled device.

What can I do?

  • Firstly, make sure that you regularly run and install updates on your device.  Not just operating system updates, but also other software updates as well.  It is not just operating systems that can have vulnerabilities that malicious coders can exploit.  If your device is a corporate device it may be configured to install updates only when it is on the corporate network, so seek the advice of your IT department for best practices.
  • Where your device allows it, make sure you have antivirus software installed and, importantly, make sure that it is up to date.  Antivirus software can only protect you if it has the latest threat definitions.
  • Never click on a link or attachment in an email if you do not know who it is from – even if it is from someone you know or pertains to be from them, do not open attachments/click links unless you are expecting to receive them.
  • Do not download or install software that is not from a trusted source and is authorised for use.
  • Be vigilant when browsing the internet.  Popup windows with offers or unexpected pages can put you at risk of clicking on something that could execute unwanted content on your device.
  • Backup your important files.  This is best practice anyway, and always be of the mindset that if you cannot do without the file then back it up to another location like a USB drive or network drive or an online storage service.
  • Seek advice.  If you think or suspect you may have malicious software running on your device and do not know how to resolve it then seek assistance from someone who can help.  This may be a more knowledgeable friend, your IT department or you can also gain a lot of assistance from helpful people from internet forums.  When seeking help, be honest about what has led to you seeking help.  People can best help you if they know all the facts and timeline of events.

Final thoughts

In a more and more online world you can never be 100% safe from malicious code or people with malicious intent, but by following some basic principles above, you stand a much better chance of being protected. Safe browsing.