What to do and not do before a ransomware attack

Do you remember the famous attacks of the Wannacry, Cerber or Cryptolocker ransomware? Are you thinking of generating an anti-ransomware policy to protect your company? Ransomware may seem like a tsunami that as soon as it arrives at our company sweeps it. However, there is Zonealarm anti ransomware that will be perfect protection of your computer. Below are a number of easy tips and tricks that can protect us from a ransomware attack.

What is ransomware?

Ransomware is malicious software that restricts access to some parts or files of the operating system, which is then requested to rescue. If we decide not to pay, this data is blocked indefinitely, permanently deleted or even worse. Rescue demands can range from tens to hundreds of thousands of euros. These types of attacks are not something exclusive to companies, they also affect private users. When distributed digitally and indiscriminately, all those who have digital devices are at risk. Here are some tips on what not to do and should be done under a ransomware attack.

What should we not do

1. Pay the ransom. There are multiple studies that show that your files will probably not be unlocked despite paying what they ask. There is also a broader social implication: ransomware manufacturers are rewarded with the ransom payment and will attack others with that financial support. 2. Provide personal information when replying to text messages, instant messages, phone calls or emails. Not only can it be a phishing attempt (even coming from a trusted source), this email can be used to obtain information for a future attack. 3. Leave the Internet connection active during a ransomware attack. Despite being able to stop the ransomware by completing its encryption routine (interrupting its connection to a Command and Control server) it is not advisable to keep the connection active during the initial stage of the attack. 4. Run backups when the system is infected with ransomware. When we suspect that our systems are infected, we must stop backing up our data immediately. This will prevent the fate of our backup from being infected. 5. Wait until a threat arrives to use ransomware countermeasures. Prevention is the best cure. A backup strategy must be the first step in our list of measures. 6. Give yourself, or others, more login power than necessary. Having a lot of startup control is good, but it can also be a security risk. It is best not to stay connected anywhere longer than necessary.

What is there to do

1. Restore affected files from clean backups. When we receive a ransomware attack, we must ensure that we restore only the backups that we know are clean and stable. This means keeping our backups clean with a built-in response measure such as the CryptoSafeGuard function of Backup Assist. 2. Use a reputable firewall and antivirus software. The best defense against an attack of randsomware is to have a firewall and AV software that will give us multiple layers of defense to help stop or slow down the path of the virus. 3. Use content scanning/filtering on mail servers. Using this tool, we prevent ransomware from accessing our devices through one of the main infection routes. 4. Keep systems and software updated and patched. We know that there are companies that fall behind in patching their software. This is because they believe that patches may be difficult to implement or may cost money due to a subscription. But delaying the patching of our software can open a backdoor for accessing our devices to ransomware manufacturers. 5. Train employees to recognize the signs of phishing. We have to teach employees the risks of not being careful with suspicious emails or documents loaded with viruses. Now we know how to act against a ransomware attack. So we have to be cautious and equip our teams with the best prevention tools.