Ransomware is a type of malware that holds your data hostage until a sum of money is paid to the attacker. There are many variants of ransomware.
Perhaps you will log into your computer to find all your files are encrypted with a message stating you must pay a ransom to get the de-encryption key. Or, you could be locked out of your system, entirely, with a false notification that you are under investigation by law enforcement and must pay a fine to regain access to your system. In other cases, attackers may simply start deleting your files until you pay up.
There is no guarantee that paying the ransom will get you back into your system and restore your data. In fact, paying often does not lead to recovery. Even if your data is recovered, paying sends a message to the perpetrators that you are an easy target for further attacks.
Prevention — or shielding your account and files against ransomware and ensuring you have a system to recover your own files — is truly the key to protect your data. Here’s how to keep your system and files protected:
Install trusted cybersecurity software and a firewall. Ensure you have reputable anti-virus and anti-malware software on your system and keep your firewall properly configured and running. There is anti-malware designed to actively monitor for threats like ransomware.
Keep your systems and software patched. To prevent attackers from accessing your data through vulnerabilities in operating systems and applications, apply all updates and security patches.
Regularly back up your data. If you choose a cloud-based backup, ensure the server uses strong encryption and multiple-factor authentication to protect your data. After conducting a physical backup, you should disconnect your device from external hard drives or USBs to help prevent any ransomware infection from reaching these devices. Encrypt your physically backed-up data so only you can retrieve it.
Keep informed on cybersecurity threats. Knowledge is power, so get educated about how to identify cybersecurity attacks, which are often delivered via malicious websites and links, infected software and phishing emails. For instance, ransomware is often embedded in macros within Word or Excel documents attached to phishing emails. It is vital to know your senders and why they are sending you files. If an email looks phishy, do not open it!
Limit your administrator activities. Ransomware has the potential to target highly sensitive data and systems via administrator accounts. If you are an administrator, only perform needed tasks while logged in. Staying on the system longer than required to perform non-administrator related activities (e.g., browsing) can make the administrator account more vulnerable to attack.