According to the latest 2021 Risk and Conflict Report from the Cybersecurity Observatory of the National Cybersecurity Centre, ransomware is one of the 3 most recorded crimes in Portugal. Ransomware is a form of malware that is constantly evolving and is designed to encrypt files on a device, making all files and systems that depend on them unusable. The cybercriminal therefore demands a ransom to free the locked system, threatening to publish the data, including personal information and company data, if the ransom is not paid. As an example, very recently, the main pipeline operator in the U.S. closed its network after an attack involving ransomware that had very high repercussions not only in terms of financial losses but also reputation.
Here are some tips to avoid being a potential victim of ransomware:
1. Never click dubious links
Avoid clicking links in spam messages or unknown websites. If you click on malicious links, an automatic download can be started, which can lead to infection of your computer.
2. Avoid disclosing personal information
If you receive a call, SMS, or email from an untrusted source requesting personal information, do not respond. Cybercriminals may try to collect personal information in advance, which is used to personalize phishing messages targeted specifically for you. If you have any questions about the legitimacy of the message, please contact the sender directly.
3. Don’t open suspicious e-mail attachments
Ransomware can also get to your device via e-mail attachments. Avoid opening any dubious attachments. To make sure the e-mail is trustworthy, pay close attention to the sender and make sure the address is correct. Never open attachments that require macros to run to view them. If the attachment is infected, opening it will run a malicious macro that provides malware control of your computer.
4. Back up your data to a secure storage regularly
|Investing in a backup is like buying insurance, so the choice should be well thought out. The process of retrieving data from the backup is known as restore, and more important than keeping backups up to date is being able to restore them in the event of a disaster or extortion attempt is imperative.|
5. Never use unknown USB devices
Never connect USB devices or other storage media to your computer if you do not know where they came from. Cybercriminals may have infected the storage medium and placed it in a public place to persuade someone to use it.
6. Keep your programs and operating system up to date
Updating programs and operating systems regularly helps protect you from malware. When performing updates, be sure to use the latest security patches as these make it difficult for cybercriminals to exploit vulnerabilities in your programs.
7. Use only known download sources
To minimize the risk of ransomware, never download software or files from unknown websites. Rely on verified and trusted websites for downloads. This type of websites can be recognized by trusted stamps. Make sure that the browser address bar of the page you’re visiting uses “https” instead of “http.” A shield or padlock symbol on the address bar may also indicate that the page is secure. Also, be careful when downloading to mobile devices. You can trust the Google Play Store or Apple App Store, depending on your device.
To summarize, ransomware is indeed a highly targeted threat. For businesses, they need to be particularly vigilant of what information to share, where and when. The more you streamline your networks, update with current patches and keep your firewalls in top condition, the better protected you are from these threats. Prevention is better than cure. Therefore, being prepared for ransomware is better than having to deal with it once it has struck.