According to the report published by McAfee, ransomware is the next biggest threat of 2016. Ransomware is a malicious code which prevents a user from using his/her computer systems until the ransom asked by ransomware creator is paid. Recovering from a ransomware is nearly impossible and there is no other option than paying ransom to the attacker, but falling victim to a ransomware and damage to the amount of data and system can be prevented following some basic tips mentioned below:
- Backup Your Data
All your data should have a regular backup in the different medium like cloud storage, USB drive or External drive, so that even in a worst case scenario you can still have access to your data.
- Think Before You Click.
Almost every Ransomware spread through the Internet through file-sharing websites, attachments from an email, files and links to file downloading websites shared in social networking websites. So, whenever you seen an attachments or any links always think before you click, and make sure the link and file you are downloading are from a trusted source.
- Hardening Your Anti-Spam Filters.
Many spams emails contain eye-catching messages and are attached with Ransomware which when clicked by users gets your machines infected. Make sure your Anti-Spam filters are enabled and you are disallowing file extensions like .exe, .vbs, or .scr in mail server to block all suspicious attachments.
- Don’t Open Suspicious Attachments.
Always suspect a file that is attached to your emails or shared in social networking websites. Don’t open any files that you suspect, and in case you need to open those files make sure you open it in an isolated virtual environment.
- Use show file Extension Settings.
This is a settings feature in Windows that permits you to effectively tell what sorts of documents are being opened. An attacker can hide malicious code in different file format like in images e.g., movie.avi.exe or account.xlsx.scr to execute their hidden command, enabling this setting would allow you to see what file extension files you are opening.
- Always update.
Make sure your system is always updated, updates usually contains critical patches to several security vulnerabilities.
- Turn Your Firewall On.
Every system has its own firewall make sure your Firewall is enabled and properly configured.
- Scan all Compressed and Archived File.
Many malicious code and file are inside a compressed file, use anti-virus and scanners to scan that compressed file before opening.
- Disabling Windows Script Host.
- Disable windows Powershell.
Windows PowerShell is a framework for task automation, it must only be enabled when necessary.
- Enhance Security of Microsoft office component.
Blocking external content is a dependable technique to keep malicious code from being executed on the PC.
- Block Popups.
Pop-ups are the entry point for trojans and malware, adding add-on or extensions for blocking popups can reduce entry point for trojans and malware.
- Deactivate Autoplay.
Disabling autoplay will block harmful process to run from external media devices like USB and external hard drive.
- Define Software Restriction Policy.
Software restriction policy should be defined by the user to stop executing automatically files in their system or process places like ProgramData, AppData, Temp and Windows\SysWow.
- Block known-malicious Tor IP addresses.
Tor network(gateway) is used to communicate with command and control server, blocking tor network connection is a good way to prevent malware from communicating to control server.