DeepDefence
Blog - How to protect from Ransomware
Protect from ransomware
  • What is Ransomware

  • Ransomware is a type of malware that restricts access to files, data, applications or entire software systems. Infected systems are usually encrypted with a key, or users are locked out completely, preventing access. Access is restored, by providing a decryption key, only on payment of a ransom (usually in cryptocurrency). Some ransomware victims may also face threats that sensitive data will be leaked if payment is not made.

    Ransomware is a serious problem even today, resulting in business disruption, financial loss and data loss.

  • How Ransomware attacks happen

  • Phishing: Tricking users into downloading the malware by clicking on a link or mail attachment.
  • Malicious websites: When users visit a malicious website, the malware is downloaded automatically to the user's computer.
  • Credentials: Through brute-force attacks, theft, purchase or some other means, the attacker obtains credentials for the network systems and uses them to log in and download the malware.
  • Software vulnerabilities: Attackers use vulnerabilities in software used by businesses, and unpatched systems, to gain access and download the malware.
  • After ransomware gains access to the files/systems, it encrypts them with a key, making them inaccessible without a decryption key. Ransomware may delete the original files and backups, making recovery even more difficult. A decryption key is provided upon payment of the ransom demanded.

    It should be noted that, even after payment, there is no guarantee that the decryption key works; the attacker may demand more payment, or the key may not be provided at all. Payments encourage future attacks.

  • How to prevent:

    • Back up your data and other business-critical data to systems kept away from daily operations, with very limited or no access for anyone.
    • Update all your systems and software with the latest patches.
    • Use reliable antivirus software.
    • Scan all files that are uploaded into your network (e.g., from your application). Scan all emails as well.
    • Grant the least access privileges to users.
    • Albeit expensive, you may invest in endpoint protection software that protects your computers, mobile devices and servers.
    • Regularly conduct security awareness training for your employees about cyber-attacks.
    • The points mentioned at https://www.deepdefence.co/blogs/ten_easy_ways_to_protect_from_cyber_attacks.html are equally applicable.
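
Because ransomware may encrypt or delete backups as well as originals, a backup is only useful if its integrity is checked. The following is an added example, not DeepDefence's own code: it compares a backup folder against a trusted SHA-256 manifest and raises an alarm when many files are missing or have changed into ciphertext-like content. The function names and both thresholds are assumptions chosen for illustration.

```python
import hashlib, math, os, tempfile
from collections import Counter
from pathlib import Path

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def entropy(data):
    """Shannon entropy in bits per byte (0.0 to 8.0); encrypted data is close to 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def build_manifest(root):
    """Map each file's relative path to its SHA-256; keep the result off the backed-up host."""
    root = Path(root)
    return {str(p.relative_to(root)): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def audit(root, manifest, entropy_min=7.5, alarm_ratio=0.5):
    """Compare a backup tree with its trusted manifest (thresholds are assumptions)."""
    root = Path(root)
    missing, modified, suspect = [], [], []
    for rel, digest in manifest.items():
        p = root / rel
        if not p.is_file():
            missing.append(rel)
        elif sha256_file(p) != digest:
            modified.append(rel)
            if entropy(p.read_bytes()[:65536]) >= entropy_min:
                suspect.append(rel)  # changed AND looks like ciphertext
    damaged = len(missing) + len(modified)
    alarm = bool(manifest) and damaged / len(manifest) >= alarm_ratio
    return {"missing": missing, "modified": modified,
            "high_entropy": suspect, "alarm": alarm}

def demo():
    """Constructed sample: 4 files, 2 overwritten with random bytes, 1 deleted."""
    with tempfile.TemporaryDirectory() as d:
        for i in range(4):
            Path(d, f"doc{i}.txt").write_text(f"quarterly report {i}\n" * 200)
        manifest = build_manifest(d)
        Path(d, "doc0.txt").write_bytes(os.urandom(8192))
        Path(d, "doc1.txt").write_bytes(os.urandom(8192))
        Path(d, "doc2.txt").unlink()
        return audit(d, manifest)
```

Only files that differ from the manifest are entropy-tested, so archives or media that were already compressed when the manifest was taken are not flagged.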

Security monitoring and protecting your software systems is a continuous process. With advancements in AI, even more sophisticated attacks are expected.

If you need help securing your software solution, DeepDefence can help you. Drop us a message now!! We offer a free security assessment to new customers.