Ransomware: How to keep your work safe and your accounts secure
Ransomware is on the rise, as malware allows hackers to gain access to your networks and prevent you from accessing your accounts until a digital “ransom” is paid. What can you do to prevent being hit next? Cher Zevala explains three basic steps to help keep you and your network safe.
We all know that online security has become a big issue over recent years, but unfortunately one of the newer sources of stress that is really growing in leaps and bounds these days, and which all developers need to be incredibly wary of, is ransomware.
A particular type of malicious computer malware, ransomware gets installed on a victim’s device without their knowledge (e.g., on their laptop, smartphone, desktop, or tablet) and then prevents that person, or the company they work for, from accessing their system and information until a certain amount of money, a “digital ransom,” has been deposited in an account.
There are numerous ways that ransomware can be used by hackers that is particularly dangerous to developers. Often, a whole computer system is locked and inaccessible to the owner until a password is purchased to unlock it. Other times particular files are encrypted, and their original versions deleted, so that a ransom must be paid to get access; or alternatively victims are told that their data will be published for everyone to see unless money exchanges hands.
Ransomware has only been around for a few years (it first cropped up in around 2013), but since then seems to have become one of the most popular weapons of choice for hackers. Now, the latest figures show that the average ransom demanded by attackers is close to $700. This doesn’t factor in the time lost or the stress involved either. As a result, it is vital that developers spend the time and money needed to protect themselves and their work from being compromised. Read on for some of the key ways you can go about doing this today.
Secure your devices
One of the first things you should do to keep your work safe is secure all of your internet-enabled devices. A good way to go about this is through installing comprehensive security software. In particular, you should purchase a product that includes consumer ransomware protection, so that it will block ransomware from entering your computer. You can purchase products which will protect up five to 10 devices at a time.
Other ways to secure your devices include using proper passwords that can’t be hacked (these should be at least eight characters in length; include a mixture of symbols, upper and lower case letters, and numbers; and not be related to information about you that people can find online); and keep software, plug-ins, browsers, and the like updated at all times, so that the most secure versions are running.
You should also install firewalls on your computers. Firewalls act as another line of defense against hackers when they try to get into your devices via an internet connection. You may already have a firewall pre-installed on your computer, but check the settings to make sure it has been activated.
Back up your data every day
Another way to keep your work safe and ensure that you’re not vulnerable if you ever get caught in a ransomware attack is to back up your data constantly. All of your work, contacts, and the like should be backed up every day so that if you ever get hacked, you don’t lose information, time, or money.
Note, though, that it usually isn’t enough to back up to on-site systems and servers, as a lot of hackers are aware that this is where people store data, and thereby find ways to attack these local storage devices as well. (This is often done when cybercriminals get into a desktop and then manually work through a network until they gain access to servers.) It is best, as a result, to back up to either the cloud or to an unconnected storage system that doesn’t stay plugged into the internet or your computers all the time.
Be cautious about emails and links
Lastly, another key tip for staving off ransomware attacks is to be very cautious about which emails you open on your devices, and which links you decide to click on. It is common for ransomware hackers to use phishing attacks as bait, as a way to plant malicious codes on computers that surreptitiously crawl through systems in the background.
For example, hackers may put a malicious attachment on an email or upload fake links, with malware encoded into them, to various websites. They have also started doing a lot of “malvertising,” where legitimate ads, by websites and companies that people know and like, are embedded with malware.
To protect yourself from these types of attacks, it is important to never open email attachments from people you don’t know, or any time where something doesn’t look quite right. As well, be careful of suspicious links, and make sure that you always type in the URLs of websites where you need to login directly, rather than clicking on a link. This will ensure that hackers don’t find out your passwords or usernames.