Header Ads

Ransomware an enemy to your virtual life and the ways to prevent it

Malacious code that is designed to use encryption to hold data for ransom. Like other computer viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it. Once it is installed it will lock all your files in your device and ask you for money to unlock it.  Files which are encrypted by Ransomware can essentially be considered as damaged beyond repair. But if you follow some smart security measures to your device than you can stop the risk of wrecking your day by ransomware.


So here are the super cool tips that you must follow :- 

1. Do a frequent Back up of your important data
   It is the biggest thing that you can do. Suppose if you are attacked by ransomware than you have no    fear of loosing your files because you have a copy of those files. 
* If you are infected than never connect your backup device to the  infected system. First Do a              complete format of your device

2.Show hidden file-extensions
One way that Cryptolocker frequently arrives is in a file that is named with the extension .PDF.EXE”. Here you can see two extension to a single file which is not possible. You can tweak into Window’s default behaviour of hiding known file-extensions to spot the suspicious files. 

3.Filter EXEs in email
If your gateway mail scanner has the feature to filter files by extension, you can deny mails sent with “.EXE” files, or to deny mails sent with files that have two file extensions, the last one being  executable.
(“*.*.EXE” files, in filter-speak). Because ransomware files are executable files so you need to be very careful in downloading the attachments with .exe .

4.Use the Cryptoprevent tool
The Cryptoprevent tool automates the process of making a Group Policy to disable files running from the App Data and Local App Data folders, as well as disabling executable files from running from the Temp directory of various unzipping utilities. 
Download Cryptoprevent

5.Disable RDP
The Cryptolocker/Filecoder malware often accesses target machines using Remote Desktop Protocol (RDP), a Windows utility that allows others to access your desktop remotely. If you do not require the use of RDP, you can disable RDP to protect your machine from Filecoder and other RDP exploits. For instructions to do so, visit this link.

6.Patch or Update your software
Always purchase genuine softwares or atleast operating system so that if any new attacks happens you can update the security patch release by your vendor.

7.Set the BIOS clock back
Cryptolocker has a payment timer that is generally set to 72 hours, after which time the price for your decryption key goes up significantly. (The price may vary as Bitcoin has a fairly volatile value. You can “beat the clock” somewhat, by setting the BIOS clock back to a time before the 72 hour window is up. I give this advice reluctantly, as all it can do is keep you from having to pay the higher price, and we strongly advise that you do not pay the ransom. Paying the criminals may get your data back, 
but there have been plenty of cases where the decryption key never arrived or where it failed to properly decrypt the files. Plus, it encourages criminal behaviour! Ransoming anything is not a legitimate business practice, and the malware authors are under no obligation to do as promised – they can take your money and provide nothing in return, because there is no backlash if the criminals fail to deliver.

Powered by Blogger.