Ransomware - how to protect yourself
Author: Swapna Naraharisetty, 2BrightSparks Pte. Ltd.
Ransomware is a particularly harmful type of malware program that prevents users from accessing their systems. It then attempts to extort money by locking their computers and taking control of the files (documents, spreadsheets, pictures, videos etc.), sensitive data or applications stored on their systems. In addition to this, some ransomware will encrypt and hide your personals files in such a way that you do not have access to them anymore.
How ransomware gets into your computer
Ransomware propagates as a Trojan. It can enter into your computer in several ways:
- If you visit a malicious or compromised website, click on malicious advertisement/link or open/download a malicious attachment.
- Open email attachments that contain malicious code.
- By inserting or connecting an infected disk.
- By installing unknown software on your computer where the program itself is ransomware but disguises itself as a useful software.
What ransomware can do
Once ransomware enters into your system it will prevent you from using your computer normally.
- Prevents you from accessing Windows. Locks the screen and demands payment.
- Encrypts personal files or folders. Normally a text file is saved in the same folder where the inaccessible files are stored with instructions for payment.
- Stops certain applications from running.
- Demands you to pay money.
- Makes you complete surveys.
Note that there is no guarantee that even after paying the demanded amount you will get access to your PC or files again.
Protecting your data from ransomware attacks
The best way to preventing ransomware is to perform regular backups using SyncBackPro or SyncBackSE to an offsite location. For example, if your computer is attacked with ransomware then you may lose your files and data stored on that computer. However, if you perform regular backups then you can recover from this problem quickly by re-installing the operating system and restoring your lost data from your backup.
Here are a few suggestions that helps to keep your data protected from ransomware:
- Use SyncBackPro/SE to backup your files regularly to a cloud server such as Amazon S3 or Microsoft Azure server. Note that we don’t recommend backing-up files to cloud services such as Dropbox, Box, Google Drive, One Drive, etc. because ransomware can easily encrypt files stored on a network drive, USB drive or a cloud server that is mapped as a local drive (for which a drive letter is assigned and can be accessed directly without a password).
Therefore, we suggest using SyncBackPro/SE to backup/restore files to/from your cloud server.
- Use SyncBackPro/SE to backup data to an offsite FTP or FTPS server. Note that if your server is SFTP then you may have to use SyncBackPro for the backup (as SFTP is only supported by SyncBackPro).
- Use SyncBackPro/SE to backup data to multiple external drives on a rotational basis. For example: backup to 5 different USB drives from Monday to Friday. If your computer is infected with ransomware on Wednesday, for example, then you can still restore/recover data from your backup drives used on Monday or Tuesday. It is important that the external drive is unplugged/detached from the computer and network after the backup.
- We suggest enabling Versioning at your destination (backup) under: Modify > Expert > Copy/Delete > Versioning settings page to keep different versions of the files at your destination.
Use variables like %DAYOFWEEK% or %DAYOFWEEKNAME% in your destination path to have multiple full backups on different days of the week.
The above settings helps to restore your data from versioned files or from one of your multiple backup folders, in case if you have inadvertently replaced your backup files with the encrypted files (or ransomware file) from your source.
Ransomware is becoming an increasingly popular malware program that destroys or damages files and extorts money from consumers and companies. However, if you use SyncBackPro/SE to perform regular, frequent backups of your valuable data to an FTP or cloud server then you can avoid becoming a victim of ransomware.