What can I do to protect against ransomware?
- Create a backup plan and a recovery plan for all important information. Perform regular backups and test them to minimize the risk of data loss or system disruption and to speed up the recovery process. Ransomware can also affect network-connected backups, so it is important to isolate critical backups from the network for maximum protection.
- Make sure your operating system and all software are up to date by installing the latest patches. Attackers are most likely to target vulnerable applications and operating systems. Updating these operating systems and applications regularly reduces the number of possible entry points for attackers.
- Keep your anti-virus software up to date and scan any software you download from the Internet before you execute it.
- Limit users’ permissions to install or run unwanted software applications, and apply the principle of “least privilege” to all systems. Restricting these privileges can prevent malware from running or limit its ability to spread across the network.
- Do not enable macros in email attachments. When a user opens an attachment and activates macros, embedded code can execute the malware on the computer.
- Do not follow unsolicited links in emails. For more information, refer to this Phishing resource.
Paying the ransom is discouraged by individuals and organizations, as it does not guarantee that files will be released. The FBI advises that ransomware such as CryptoLocker or CryptoWall may be used to prevent victims from obtaining their data without paying a ransom.