The best ways to prevent ransomware are to maintain good security practices, back up files, and use anti-ransomware software.
How to Prevent Ransomware at Home
- Reduce the risk of malware that could lead to a ransomware infection.
It is important to be suspicious of any communication from an unknown party and be aware that hackers try to trick people into thinking an email or website is legitimate. If in any doubt, do not click on a link, download software, or open an attachment.
PC users should keep all their software and network devices updated to protect against any known security vulnerabilities. If practical, remove Java and Flash plug-ins as these often have vulnerabilities that are used in a ransomware attack. Most of us have antivirus software and some have Internet security tools that act as a personal firewall or identify risky websites. These applications should be set to auto update to ensure that they detect known malware.
- Back up files.
Important files should be backed up. There are many affordable options for data backup, including external drives and cloud backup. Ensure your backup system is not connected directly to your computer or network to prevent the ransomware from infecting your backup files. Check that your backup files can be properly restored.
- Use Anti-Ransomware software.
Antivirus software is designed to detect and block known virus signatures. Because ransomware is constantly changing, antivirus tools are not sufficient protection. Learn more (blog). Next-generation anti-ransomware tools, such as RansomStopper, use behavioral analysis, machine learning, and deception techniques to protect against new and existing strains of ransomware.
How to Prevent Ransomware in Business
All of the above recommendations for individual users also apply to businesses, but should be applied by the IT department in a manner appropriate to the scale of each enterprise. The following are additional suggestions for organizations:
- Follow security best practices, including:
- Implement an employee security awareness and education program
- Patch operating systems, software, and firmware on devices
- Enable strong SPAM filters and authenticate inbound email
- Set antivirus and anti-malware programs to conduct regular scans automatically
- Regularly conduct vulnerability scans
- Separate physical and logical networks
- Configure firewalls to block access to known malicious IP addresses
- Maintain updated filters and patches on IDS/IPS products
- Apply application whitelisting
- Review write permissions on network shared files
- Block Tor traffic
- Disable Remote Desktop Protocol (RDP)
- Monitor security events 24×7
- Data Backup
- Backups are critical to ransomware recovery and response
- IT teams should back up data regularly and check the status of the backup copies
- Some organizations build in data validations tests to ensure the data is valid after restoration
- A combination of online and offline backup provides maximum protection
- Use Anti-Ransomware Software
For comprehensive ransomware protection, enterprises should deploy next-generation anti-ransomware software, like RansomStopper. Relying on antivirus software alone risks exposure to new strains and polymorphic-variants of ransomware. Next-generation ransomware recognizes low-level behavior consistent with ransomware and has built-in countermeasures to address sneaky evasion techniques built by hackers to bypass traditional antivirus tools. Business-class anti-ransomware software should include centralized management to view and respond to organization-wide threats.