Bitesize guide: Tips for preventing ransomware
Chances are you know someone, or some organisation, who has suffered a ransomware attack – it could be your local police department, a small business, big hospital, or someone in your family.
If you haven’t been hit by ransomware personally, you’re either very lucky, or you’ve taken some proactive steps to protect your computers and files.
If you do get infected with ransomware, unless you’ve got back-ups, or the hackers made some kind of cryptographic mistake, you’re left with either paying or losing your locked-up files forever.
Prevention is far better than a cure. Therefore, here are some tips to protect yourself against ransomware.
1. Back up your files regularly and keep a recent backup off-line.
The only backup you’ll ever regret is one you left for another day. Backups can protect your data against more than just ransomware: theft, fire, flood or accidental deletion all have the same effect.
2. Don’t enable macros.
A lot of ransomware is distributed in Office documents that trick users into enabling macros. Microsoft has just released a new tool in Office 2016 that can limit the functionality of macros by preventing you from enabling them on documents downloaded from the internet.
3. Be very careful about opening unsolicited attachments.
Most Windows ransomware in recent months has been embedded in documents distributed as email attachments. It goes without saying, but it bears repeating: never open messages or attachments you are not expecting.
4. Don’t give yourself more login power than necessary.
Don’t stay logged in as an administrator any longer than necessary. Avoid browsing, opening documents or other regular work activities while logged in as administrator. This elevated privilege can result in a lot of damage to your system if malware accesses your computer or phone during this time.
5. Patch, patch, patch.
Malware that doesn’t come in via document macros often relies on bugs in software and applications. When you apply security patches, you give the cybercriminals fewer options for infecting you with ransomware.
6. Train and retrain employees in your business, and educate your friends and family.
Your users can be your weakest link if you don’t train them how to avoid booby-trapped documents and malicious e-mails. Similarly, if you share your phone or tablet with friends or family, tell them what they should and should not do when opening messages sent to them via online games or accessing click-bait.
7. Segment the company network.
Separate functional areas with a firewall, e.g., the client and server networks, so systems and services can only be accessed if really necessary.
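For tips 2 and 3, one way to flag macro-carrying Office attachments before anyone opens them. This is an added example, not part of the original guide; the function names, result labels and sample files are assumptions constructed for illustration.

```python
import io
import zipfile

# Magic bytes of the legacy OLE2 container used by .doc/.xls/.ppt files.
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")


def macro_risk(data: bytes) -> str:
    """Classify attachment bytes as 'macro', 'legacy-ole',
    'ooxml-no-macro' or 'not-office' (labels are this example's own)."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary formats may hold macros; confirming that needs an
        # OLE parser, so this check only flags the file for review.
        return "legacy-ole"
    stream = io.BytesIO(data)
    if not zipfile.is_zipfile(stream):
        return "not-office"
    with zipfile.ZipFile(stream) as archive:
        names = [name.lower() for name in archive.namelist()]
        if "[content_types].xml" not in names:
            return "not-office"  # a ZIP file, but not an Office document
        content_types = archive.read(archive.namelist()[
            names.index("[content_types].xml")]).lower()
    # Macro-enabled OOXML files carry a vbaProject.bin part and declare a
    # "macroEnabled" content type; either sign is enough to flag the file.
    if any(n.endswith("vbaproject.bin") for n in names):
        return "macro"
    if b"macroenabled" in content_types:
        return "macro"
    return "ooxml-no-macro"


def build_sample(with_macro: bool) -> bytes:
    """Build a constructed, minimal OOXML-shaped ZIP in memory (not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("[Content_Types].xml", "<Types/>")
        archive.writestr("word/document.xml", "<document/>")
        if with_macro:
            archive.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for label, blob in [("invoice.docm", build_sample(True)),
                        ("notes.docx", build_sample(False)),
                        ("old.doc", OLE_MAGIC + b"\x00" * 16),
                        ("readme.txt", b"plain text")]:
        print(f"{label}: {macro_risk(blob)}")
```

A mail gateway or download folder sweep can quarantine anything classified as `macro` or `legacy-ole` for a second look, which backs up the user-facing advice with an automated check.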