Ultimate Security Guide Against Ransomware

 

Ransomware – arguably the most dangerous type of virus on the Internet. It is a perfect way for cyber criminals to benefit from reckless users. Ransomware infections enter single computers, networks of computers or even IoT devices connected to the Internet, hijack important files by adding some unique file extension to every single one of them, encrypts files and demands a decent amount of money in order to unlock those files. If the case is home user with personal computer, the ransom can vary between several hundreds and couple thousands of dollars, while business and public organisations are forced to pay thousands or even tens of thousand of dollars.

There are several most common, widely spread ransomware families, yet the conception of the crime remains the same. Usually ransom is expected to be paid via Bitcoins payments system. We have issued an article on this topic, revealing that about one billion dollars was paid to the cyber criminals as a ransom in 2016 and the numbers are expected to rise in 2017 and that not only Windows OS users are in danger, as cyber criminals develop ransomware targeted specifically to iOS.

Even though cyber security experts are constantly working to develop a cure against various ransomware viruses as well as decrypters to unlock files without paying the ransom, it’s a must for every Internet user to do everything at its’ will to protect against possible ransomware attack.

For the reason mentioned above we have developed a detailed guide how to prepare for the attack of ransomware or even avoid this happening.

1. Secure your Online Browsing

Almost 48% of all cyber criminals attacks come through web browsers. It is the most common way to perform exploit attack and ransomware viruses usually are infiltrated through exploits. That’s why your attention should be concentrated in securing your web browsing.

You probably know that there are tons of various add-ons and external tools that web browsers use in order to perform some specific tasks. Most often cyber criminals exploit those tools, not the browsers itself. It is important to deactivate tools and add-ons you don’t really use and reduce the chances of exploit.

  • JavaScript. It is a programming language that allow websites to run various specific functions online. Basically any video streaming platform or a website with strong and interactive graphics, not only with text and HTML code use JavaScript. It is a great tool that provides users with great abilities, yet it has some downsides. Almost all advertisements run on JavaScript and web browsers work much slower due to it. Malware (including ransomware), usually come through advertisements on websites with fishy content or some other sort of JavaScript code, so disabling it would result in enormous cyber security enhance. However, at the same time you would lose the opportunity to use websites like YouTube or Google Docs, so it is irritating. However, we have a perfect solution for you. If you are a stable user and the list of websites that you use every day consist of only several most important sites, we recommend to disable JavaScript and create an exceptions for those websites that you use really often. You can whitelist any website you prefer and this way it will be perfectly running with a JavaScript, while all other websites will have no access to it.
  • ActiveX (only relevant to MS Edge and IE users). It is like a bridge between users and sites using JavaScript or Flash. It is preinstalled on MS Edge and IE web browsers and can only work with it. It’s a perfect opportunity for the cyber criminals to exploit web browsers through it. This technology is rather old and not so common nowadays, thus we recommend to disable it. If some website asks you to give a permission to activate this plugin, make sure that the website is 100% safe before actually doing it.
  • Add-ons and extensions. Basically all adware and browser hijacker infections come in a form of an add-on. Once it’s inside of your computer, it’s a perfect opportunity to infiltrate other infections, such as ransomware. That’s why it is important to be very selective about add-ons that you use. In case you notice that you don’t need some of them, it should be immediately deactivated and removed.
  • Cookies. Cookies are used to track and remember users, get to know their preferences. Some really sensitive data, such as your email addresses or even your passwords are stored on cookies too. That’s why it is important to delete cookies from time to time. Cookies usually are a prime target to the cyber criminals, so you will enhance the security by deleting them.
    It is important to understand that there are to types of cookies first party and third party cookies. First party cookies are more important, as they are saved by the website you are visiting and contains some very sensitive information. We have already reviewed why it’s a bad idea to save password on your web browsers. In contrast, third party cookies are saved by other websites that you don’t particularly visit. Usually it’s various advertisers, so you should definitely remove them.

As important as it is to set your add-ons and external web browsers tools, you should pay high attention to the internal settings of web browsers you use, regarding safety. You know that every browser is different, thus we have reviewed most popular web browsers – IE, MS Edge, Google Chrome and Mozilla Firefox.

  • Internet Explorer. All most important security options can be reached on ‘Internet Options’ window. To access the window you should click on tools icon in the top right corner of the browser and select ‘Internet options’. First of all, go to the ‘Security’ tab and select high security level for Internet zone. By default it is set as a medium. Now select ‘Privacy’ tab and click ‘Advanced’. Here can you find cookies settings. Two separated columns refer to first and third party cookies. We suggest to block both of them and disable session cookies. However, if you are doing online shopping, you might need to allow session cookies to be able to checkout with your order. Lastly, navigate to ‘advanced’ tab. There you can see an extended list of various options. Find one called ‘Enable third-party browser extensions’ and uncheck it. This will block all unreliable extensions.
  • Microsoft Edge. Navigate to the settings menu by clicking three dots in the top right corner and select option ‘View advanced settings’. First of all, deactivate use of Adobe Flash Player. Then select ‘ask me what to do with each download’ option. This way you will be sure that you are aware of what you are downloading. Finally, turn off ‘Offer to save passwords’ and ‘Save form entries’ options and turn on ‘Send Do Not Track requests’.
  • Google Chrome. Access Settings menu by clicking on three vertical dots in the top right corner. Navigate to the ‘Privacy’ section and check ‘Send a Do Not Track’ option.Same as o MS Edge, you should uncheck ‘Enable Autofill’ and ‘Offer a save your web passwords’ options on ‘Privacy’ section.Now regarding cookies, you should select ‘Keep local data only until you quit your browser’ option.
  • Mozilla Firefox. To access Settings menu on Mozilla Firefox, click on three horizontal lines in the top right corner and select ‘Options’. First tab is called ‘General’. You should select ‘Always ask me where to save files’ option.Now navigate to ‘Privacy’ tab and select ‘Always apply do not track’ option. This way advertisers and other websites will have no abilities to track you around the web.
    Mozilla_do_not_track

We have talked about the bad influence that can be brought by malicious extensions, but there are some extensions that can actually provide security to your web browsers. First of all, it is Adblock Plus. You have probably already heard about it – it is a very popular add-on that blocks advertisements on various websites. it is very useful if you are not willing to disable JavaScript.

Next add-on on our recommended list is HTTPS Everywhere. This browser extension will allow you to browser all sites safely. You can notice that some sites use HTTP, while some use HTTPS and S stands for security. That means HTTPS sites encrypt data that is sent between your web browser and the website. With HTTPS extension, even HTTP sites will be accessed though HTTPS.

Another browser extension that is worth your attention is called Disconnect.me. It is available for Mozilla Firefox, Google Chrome and Internet Explorer. This add-on will provide you with the ability to block tracking cookies from third parties as well as social media accounts from tracking your browsing history.

Finally, we have some obvious yet important tips for safe web browsing. You should never use the same password on different websites. It is dangerous because if hackers can steal your data from website, they eventually have access to all other websites that use the same password on.

As you might already know, public wireless networks can be dangerous as well. Cyber criminals often use such networks to attack victims and the best way to protect yours information is to browse the Internet in private browsing. This mode can be easily accessed by opening Incognito window on your web browser (ctrl+shift+n or ctrl+shift+p on most web browsers).

If you do not use HTTPS Everywhere or any similar extension to secure your web browsing, stay away from websites without HTTPS connection. This only applies to websites that manages your personal data or requires some sensitive information. In case it is content only website, such as blog, HTTP is OK too.

2. Filter Your Traffic

Data going in and out of your computer via the Internet is very important, so it’s a must to make sure that the Internet traffic is secured. That can be done by filtering your online traffic and there are several options how you can accomplish that. The easiest and most efficient way is to use tools dedicated to this purpose.

VPN. VPN stands for Virtual Private Network. It usually is used to encrypt the data you send and receive – making your web browsing anonymous and really private. VPN will greatly reduce the chances of hackers attack. However, this service is paid and it can be provided by hosting providers.

Firewall. Firewall usually is installed on every device by default. Yet sometimes it can be faulty configurated or even disabled, thus it’s important to make sure that firewall is working properly. Usually Firewall is pre-installed on Windows OS yet sometimes if you use external anti-virus protection, the software can disable original Windows firewall and use its’ own firewall instead. So if you uninstall such anti-virus software, Windows firewall will remain deactivated. Make sure you turn it on.

Proxy. yet another paid service that will not allow you to visit malicious and possibly dangerous websites. Proxy works as a middleman between your computer and various websites in order to assure that no malicious data can be sent to your system.

3. Use Anti-Malware Software for Protection

There is no need to say that the most efficient way to protect your computer from ransomware and other similar infections is to use trustworthy anti-malware software. However, not all anti-malware programs offer security against ransomware, so if you have anti-malware program installed does not always mean you are secure. Here are our top picks of anti-malware software against ransomware attacks.

  • Malwarebytes Anti-Ransomware
    Malwarebytes acquired CryptoMonitor software, updated and named it Malwarebytes Anti-Ransomware. Now it is available only as a beta version as the program is still in a development stage. Until this software is available, you can use Malwarebytes Anti-Exploit tool which is efficient in blocking exploits and reducing chances of ransomware attacks.

  • EMET
    EMET stands for Enhanced Mitigation Experience Toolkit. It was developed by Microsoft and is completely free. This tool is dedicated to defend Windows systems against exploits. As much as 12 different techniques are used to protect your computer from various viruses, including ransomware.
  • Zemana Anti-Malware
    Zemana Anti-Malware is all-around anti-malware tool that can provide you with the protection not only from ransomware, but adware, browser hijackers and other types of viruses as well. It is one of the best regarding protections against ransomware.

Read "Ultimate Security Guide Against Ransomware" in other languages

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Security Guides

Recent Comments