Ransomware is malware that encrypts your sensitive data and holds it hostage until money or another type of payment is made. Most of the time it’s delivered via email in the form of phishing, but it can also arrive in adware or even on Facebook or Twitter. The ransom can be anything from a “like” on social media to hundreds of dollars. However, you can avoid being a victim.
Back up all of your devices
This is a reasonably simple task. External hard drives are getting less expensive and they come with essentially plug-and-play technology. If you don’t want to do that, just back up your important documents and files to a USB drive. Whichever method you use, store the backup separately from your computer. This way, should ransomware strike, you can restore your files and avoid paying a ransom.
Most security professionals recommend backing up weekly, but ideally it should be daily. If your data is particularly critical, such as data in a hospital, perhaps hourly is appropriate. Earlier this year, Hollywood Presbyterian Medical Center was caught without adequate backups and paid to have its data returned. This is not recommended.
Update software and firmware
Unfortunately, patching and updating software seems to be lower on the priority list than it should be. While most personal devices have automatic update functionality, in businesses this is often not enabled. In fact, a Google study found that only 2 percent of non-security experts understand the importance of regularly patching and updating. However, it’s important to do this whether at home or at the office.
Create a patching schedule for non-critical and security updates, and if you see an indicator on your smartphone that an update is available, apply it if it isn’t automatic. When vulnerabilities are found that can cause security issues, update as soon as the patch is released. Don’t forget the hardware. As soon as a new piece of hardware is installed, be it at home or the office, update it and change the default password.
Don’t take the bait
Ransomware is often delivered via phishing. This can come in email messages, social media feeds, or even in adware. If a link arrives in email unexpectedly or from someone unknown, don’t click it. Also avoid clicking adware and links in social media. Those are often scams and clickbait to lure you to the hook. Educate those in the office and at home on identifying these, and make sure anti-malware software is installed and kept up to date on every device.
Leave work at the office
A ThreatTrack Security survey from January found that nearly one-third of IT security personnel were asked to remove some sort of malware from an executive’s computer. Family members were blamed. Keep work data and files separate from private ones. Also, teach family members good computing habits, even if they don’t use the work laptop or mobile device. It also never hurts to start teaching kids early how to keep information safe.
Source: Stickley on Security.