The second in a three-part series inspired by recent ransomware attacks, this blog will focus on easy steps you can take to prevent a ransomware attack. To provide some perspective, we interviewed a few IT professionals.
But before we dive into security strategies, it wouldn’t hurt to understand what, exactly, this specific type of malware is.
What is Ransomware?
Ransomware is malicious software that locks access to your computer until—as its name suggests—a ransom is paid. Ransomware is generally disseminated via a phishing email that contains a link or attachment that, when clicked, downloads the malware to your system. Once your computer is infected, you cannot access any files, and your screen displays a message providing a series of steps you must take to pay the attackers and receive an encryption key to unlock your files.
Even more worrying, recent attacks have shown that you don’t even have to personally click the link or receive an email to be affected. If one computer on your network is infected, the ransomware can spread to all other connected computers.
How do I Prevent a Ransomware Attack?
Chris, one of our in-house IT professionals, has several suggestions for preventing a ransomware attack.
“First,” Chris says, “do not open email attachments unless you are expecting them or the sender has verified that they sent the email. And while we’re on this point, be aware of current phishing scams. News outlets, the IRS, and tax blogs usually provide information about recent attacks, including commonly used subject lines and body copy that can help you identify a suspicious email.”
“Another easy way to spot suspicious emails is the presence of spelling or grammar mistakes, and you can often identify them by hovering your mouse over the suspicious link WITHOUT CLICKING IT,” he continues. “If the previewed web address does not match the associated company’s website, it’s probably a scam.”
Chris’ other recommendations probably sound familiar: “Run antivirus software and make sure it’s updated. Windows 10 has a basic antivirus built in, but third party software will sometimes have a better detection rate and be more geared toward protecting you from malware. Occasionally—like once or twice a month—you should run a dedicated malware scanner. But the most important thing you can do,” he stresses, “is make sure that your operating system is up to date.”
“Many of the vulnerabilities ransomware uses to spread are patched by your OS vendor in a timely fashion,” Chris says. “This also applies to your Internet browsers and affiliated programs, like Java, your PDF reader, and any other plugins that your browser might spawn.”
The final entry in our series will cover steps you can take if you’re the victim of a ransomware attack. During this blog, we’ll talk to Adam, another in-house IT specialist.