The best ways to prevent ransomware are to maintain good security practices, back up files, and use anti-ransomware software.
It is important to be suspicious of any communication from an unknown party and be aware that hackers try to trick people into thinking an email or website is legitimate. If in any doubt, do not click on a link, download software, or open an attachment.
PC users should keep all their software and network devices updated to protect against any known security vulnerabilities. If practical, remove Java and Flash plug-ins as these often have vulnerabilities that are used in a ransomware attack. Most of us have antivirus software and some have Internet security tools that act as a personal firewall or identify risky websites. These applications should be set to auto update to ensure that they detect known malware.
Important files should be backed up. There are many affordable options for data backup, including external drives and cloud backup. Ensure your backup system is not connected directly to your computer or network to prevent the ransomware from infecting your backup files. Check that your backup files can be properly restored.
Antivirus software is designed to detect and block known virus signatures. Because ransomware is constantly changing, antivirus tools are not sufficient protection. Learn more (blog). Next-generation anti-ransomware tools, such as RansomStopper, use behavioral analysis, machine learning, and deception techniques to protect against new and existing strains of ransomware.
All of the above recommendations for individual users also apply to businesses, but should be applied by the IT department in a manner appropriate to the scale of each enterprise. The following are additional suggestions for organizations:
For comprehensive ransomware protection, enterprises should deploy next-generation anti-ransomware software, like RansomStopper. Relying on antivirus software alone risks exposure to new strains and polymorphic-variants of ransomware. Next-generation ransomware recognizes low-level behavior consistent with ransomware and has built-in countermeasures to address sneaky evasion techniques built by hackers to bypass tradition antivirus tools. Business-class anti-ransomware software should include centralized management to view and respond to organization-wide threats.