UPDATE (29/06/2017): In response to the latest Petya and WannaCry outbreaks, we’ve updated our ransomware guide for these latest threats.
Ransomware: it’s a particularly nasty form of malware that can keep your entire machine under locks. It seems as though each week, a disturbing new variant emerges that’s more powerful (and more contagious) than the last.
This time, it’s Petya and WannaCry striking fear into the hearts of businesses and home users alike.
Is there anything you can do to reduce your risk? Here’s our guide to avoiding these threats.
Keep regular backups
This won’t stop ransomware, but it will mean that the malware will not claim your most important files. Remember that many ransomware variants will lock down and [encrypt] your data, making it almost impossible to get back.
Be careful about using desktop access in services like DropBox and OneDrive for your backups, as some ransomware variants are able to access and lock anything under your user account.
Save any documents you simply could not live without to an external drive or web-only cloud service: see our guide to secure backups to get started.
Business owners: consider a network-based antivirus or firewall
These solutions move the line of defense a little further up than standard anti-virus solutions, allowing you to combat drive-by downloads before they even get to load in your browser.
This can solve the problem of employees accidentally exposing their network to ransomware if visiting a site embedded with compromised scripts.
For more information about firewalls and network security solutions, check out our Firewall 101.
Pay attention to email attachments
WannaCry appears to attack an unpatched SMB port as its mode of transmission, and Petya now appears to do the same – without the same ‘killswitch’ bug found in WannaCry.
Many other ransomware variants (such as the already infamous ‘Locky’) do most of their propagation via phishing: phony emails claiming to be from shipping companies, banks or online stores.
An attachment might pose as an invoice, shipping confirmation or other important document, tempting you to download and investigate it.
You might think you’re too savvy to be tricked, but bear in mind that scammers are becoming increasingly sophisticated: spoofed domains, exact replicas of wording and graphics and masked links are now becoming common practice.
This spam will often come from regular email accounts that have been taken over by malware, causing them to send out thousands of infected messages a day.
These messages generally have similar content and unique characteristics that a spam filter can spot. In this way, you can reduce the chance of coming into contact with ransomware-infected files before you’re even tempted to click them.
Update, update, update!
Waiting for updates to complete before you can continue working, or before shutting down your machine might be irritating, but they’re also critical to your security.
Important operating system updates are pushed out regularly by major players Microsoft and Apple, and it’s important to keep your Windows or OS X machine running the latest patches.
Don’t forget about updating your browser, too! Malicious scripts often prey on slightly outdated and unpatched versions of Chrome, Firefox and Internet Explorer. If you’re using browser plugins or add-ons (particularly Flash Player and Java), it’s very important to keep these constantly up-to-date.
Be aware of new types of ransomware, their effects, and how they can be transmitted. This awareness is important and will help you to remember what’s at stake.