Unlike other types of malware, you can't just clean ransomware and get on with your day. A run-of-the-mill virus will destroy all your data and backups. This is why ransomware is a danger for which you need to prepare in advance.
Are you in danger?
Sure, a ransomware attack is dangerous, but not all risks are the same. For example, an asteroid strike is a known hazard. Should we spend trillions of dollars defending ourselves against this threat that occurs once every 100 million years? Not necessarily, because the risk of an immediate hit is quite low. So for ransomware, we need to consider the level of risk for a permanent data loss.
Part of the risk assessment is to see how well prepared we are for such an attack. There are many things we can do to keep our data safe. Because ransomware can and will encrypt all the files it finds on your computer or on a connected network, we need to choose a backup solution that makes our files inaccessible.
One such solution is the "air gapping" of your backup disk, which means that it is not constantly connected to your computer or network. Another option is a backup tool so you can restore your files. If you have a secure, isolated backup, an ransomware attack can be annoying, but you can overcome it without much difficulty.
Combined with other precautions, such as not clicking on links that you do not trust, may be sufficient for the security of your computer.
There are also some easy ways you can add ransomware protection to your computer without installing another security program. The existing Windows antivirus package already offers some protection. Windows Defender, the default antivirus for Windows 10, has some built-in ransomware protection, but is disabled by default.
If you enable Windows Defender "Folder Access Control" ransomware protection, the software will protect your shared folders, such as Documents and Images, from unauthorized changes. If an ransomware application cannot access the Documents folder, it cannot encrypt your files. There are also free apps like RansomBuster of Trend Micro, which works the same way.
Unfortunately, this approach is not infallible and can become very annoying in practice. Many programs need to access your document folders regularly, so you may need to grant them multiple permissions.
Ransomware is still a serious threat
Some experts believe that ransomware does not hit home computers. Criminals tend to focus their efforts on victims with deep pockets. Check Point's recently published Cyber Security 2020 report agrees with this assessment:
"In 2019, we saw an escalation of sophisticated and targeted ransomware attacks. Certain sectors have suffered serious casualties, such as state and local agencies, as well as health services. ”
The 2019 titles were full of such attacks on more than 70 state and local authorities. If you are not a bank or city government, you may need to worry less about ransomware in 2020 than you did several years ago, as current ransomware attacks are more targeted.
This is good news for your home computer, however, do not rejoice…
It is easy to conclude that ransomware is no longer a problem for consumers, but we do know that cybercrime, and tactics, are cyclical. They keep coming back.
Jonny Pelter, CEO of SimpleCyberLife.com reports:
"The volume of ransomware attacks has started to decrease, but the level of attacks is still high.
Of course, this will make the development and distribution of ransomware by cyber criminals much more profitable. Unfortunately, I'm afraid we are entering a period of complacency. As ransomware attacks are abandoned by the mainstream media, and people misinterpret it as a reduction in the number of ransomware attacks, which is far from the truth, unfortunately. ”
Ransomware prevention software
All of this means that you may be relatively safe in the short term, but it is still a good idea to protect yourself with some ransomware prevention software. Home computers have been relatively vulnerable for several years, but today there are many anti-ransomware packages to choose from - free and paid.
Almost all standard antivirus packages now offer some level of protection against ransomware. However, many of these (and most free packages) are based on the same technology used by traditional antivirus programs. Detect signatures of known software to identify malware. The disadvantage of this approach, of course, is that it leaves you vulnerable to 0day.
In contrast, most individual ransomware packages, such as Acronis Ransomware Protection , Check Point ZoneAlarm Anti-Ransomware and Malwarebytes Anti-Ransomware Beta, detect malware by its behavior.
These programs monitor the activity of quarantined applications and processes that have suspicious activity, such as generating an encryption key or initiating file encryption.
This makes these applications much more effective at shutting down ransomware from scratch, whether it is well-known software or brand new malware.