This post is also available in: Myanmar
Before I talk about how to prevent ransomware, I would like to explain what ransomware is. If you have experience with Ransomware Attacks, this will help you or you may help or give some advice to your friends when you faced it next time.
What is Ransomware?
Ransomware is a type of malware called Malicious Software that is harmful to our computer systems. Once the malware is on your computer, all data on your computer system will be encrypted so that it can no longer be used. Then it starts threatening you with a small file called Readme.
Ransomware attackers usually extort money from their victims. They will tell you which BTC address to transfer the amount of money in the Readme file. Only when the money is actually transferred can you contact us by email and return the key with the Decryptor Tool. (According to people in Burma (victims), some of them have to transfer money because it is not convenient at all. Those who transfer can actually decrypt their valuable and important data.
Some ransomware attackers are very rude. Even if the victims are asked to transfer money, they will not be able to transfer money at the same time as others. They even ask for deadlines. If you do not provide it within that time, they said your data goodbye permanently.
Ransomware attackers are attacking the world in various forms and locations. Government offices; the Private sector; Ordinary Internet users and even people like the latest US FBI are exposed to ransomware attacks. Even if the victim of a ransomware attack pays for the attacker, if he recovers his data and does not properly clean his entire computer system, he could still be attacked again. In that case, you can not say that you have given already it. You need to know that your data will be returned only if you give money for it again.
Some History of Ransomware Attacks
In 1996, Ransomware was known as “Cryptoviral Extortion” was introduced by Moti Yung and Adam Young at Columbia University. At the time, it was a breakthrough for the education sector. Creativity; And strength.
Young and Yung then unveiled the “Cryptovirology attack” at the IEEE Security and Privacy Conference. The virus contains an attacker’s public key and encrypts the files of the affected users. The malware then forces the attacker to pay the attacker for a decryption key. So, the private key has only the attacker, even if you have that public key you can’t do anything to recover the files until you have paid to the attacker.
Ransomware attackers are becoming more and more sophisticated and their growth has been fueled by payment systems that allow their victims to protect themselves from unauthorized transactions, such as payment systems that allow transactions to be traced, such as banks.
For example, notorious Mobile Ransomware Fusob requires its victims to pay Apple iTunes Gift Cards instead of regular currencies, such as dollars.
As cryptocurrencies like Bitcoin grow, so-called ransomware attacks are slowly gaining popularity. In addition to Bitcoin, ransomware attackers also use other popular cryptocurrencies.
Ransomware attackers often attack organizations. Of these, the attack on the Presbyterian Memorial Hospital was the most notable in the history of ransomware. This attack highlighted the potential damage and danger of a ransomware attack. When the hospital was attacked, laboratories, Pharmacies; Several places were damaged, including emergency rooms.
How to Prevent Ransomware Attacks?
Malware called ransomware can invade your computer system at any time, anywhere in this age of the Internet. Especially any link on the internet. People who click on any file are the most vulnerable to ransomware attacks. Some people may get ransomware from a downloaded file (this is because the file extensions are not shown or hidden on your computer, so the downloaded file is the same as the actual downloaded file type and the ransomware attack caused you to click on it without checking it).
For a developing country like ours, it is not easy for everyone to buy and use Windows software. That’s why most computer users use pirated software. Software downloading from the Internet, Experts are wary of downloading data. For those who do not experience it, it is like walking in darkness. Are the websites you are visiting malicious websites? You may not know what is right or wrong. If you download from such a website, you are more likely to be infected with a ransomware attack.
Another attack is by using email. Ransomware attackers may send you emails pretending to be files. What are the Attached Files in the Email? You can not see the right side. If you believe some of the statements in the message and click on it, you have installed Ransomware on your computer by yourself. So, Emails in the Spam Box in Email (Gmail) or It is important not to open emails that contain attachments sent by an unknown email.
You can also get ransomware attacks while sharing files on local storage devices such as memory cards, SD cards, external HDDs, and external SSDs. If you have frequent use of other people’s external storage due to any conditions, we recommend that you purchase a good anti-virus (or Internet Security) software called Endpoint Security Solution, which contains anti-ransomware features.
Another possibility is that SEs may have been infected via social networks and then received ransomware attacks. To put it simply, SE is about making people trust each other by clicking on the link they provide. You answered his questions. Ransomware attacks can also be caused by unknowingly sharing your information with others. This is where your ingenuity matters on social media.
Especially for those who are constantly connected to the Internet:
- Use a licensed Windows OS if possible and keep it up to date.
- Buy a good Endpoint Security Solution software that contains anti-ransomware features on your machine.
- For those who download files from the internet, always open File Extensions on your machine to see if they are the type of file you are downloading. Check and then open it.
- Be sure and check to open the email containing the attached files before opening it. Do not open emails from untrusted or unknown sources.
The most effective prevention method (Backup, backup … Always backup)
This is one of the most effective and cost-effective ways to prevent ransomware attacks. In the workplace Make sure you back up your data on a daily basis, whether it is on your home device or not. So how to backup?
The Golden 3-2-1 Backup Rule
Let’s see the video file first …
The 3-2-1 Backup Rule is simply to duplicate your important data and files into primary copy + 2 copies. Two of them need to be stored on an external HDD or SSD or on a storage server called a NAS (preferably). The other one is to store Google Drive, One Drive (or) Others called Cloud Storage.
By following the 3-2-1 Backup Rule, if two local backups are infected with ransomware, If it is damaged for any other reason, your valuable data will not be lost because it is still in the cloud storage. Even if you are accidentally attacked by ransomware, you can still get your data back by clean installing and syncing your backup data.
Do’s and Don’ts of Local Backup Server
One thing to keep in mind for those who back up using local backup servers. The Backup Server (or NAS) you are using cannot be on the same network as the one you are using. If this is the case, then the whole network on the same machine could be infected with ransomware, which could then infect other computers on that network. (Files Permissions / Ransomware attacks may vary depending on the OS used on the NAS) So if one of the users on the same network has been infected with a ransomware virus, do not assume that it has not been infected others. It is important to check carefully and take precautions.
This post is also available in: Myanmar