@ I Blog
Travel, Food & Me.

Ransomware Danger 101 Prevention

How do you prevent RANSOMWARE from infecting your computer? Before we go further into prevention, let’s talk about what ransomware is and why it is one of the most annoying kinds of malware today (2017). One of the most widespread ransomware strains today is “Locky”.

Basically, ransomware is malicious, I would say annoying, malware that holds your computer to ransom and demands a payment. It is the same as kidnapping your computer and demanding a ransom to be paid before it will release your computer. There is NO guarantee that after paying, you will be able to access your files again.

Ransomware uses strong encryption to encrypt all your computer files, and it is able to spread from your computer to a thumb drive or any other device that is plugged into your computer, and even across the LAN.

It is indeed a crime, an expensive crime I would say.

Expensive, why? Yes! If you are a home user, maybe holding your computer for ransom doesn’t cost you much because you may not have that many important files or data. As a home user, you just need to re-format and re-install the computer OS. Re-formatting and re-installing is quite tedious and time-consuming, but there is no important data to take into consideration, and therefore no loss.

But if you are in business or in a corporate environment, there are tons of IMPORTANT files and data that you need: records of past history files, etc. These are important data for your daily business operation. Re-formatting and re-installing may not be an option for you, as you will lose all your files and data after re-formatting, which is very troublesome for your office's daily operation. This is where it becomes expensive.

How does it infect your computer? How do you prevent it?

  • Through the web browser. Be wary of the sites you visit, especially non-legitimate websites.
    • For example, there is ransomware that runs JavaScript code to lock your web browser and then shows a fake warning message. It will lock your screen and demand that you call a number, and then demand a payment from you to fix the issue.
    • Do not panic, just press CTRL-ALT-DEL, go to Task Manager and then CLOSE the message application. Clear your browser history and, if necessary, reset your browser to default.
  • Through emails. TRY not to open an email attachment if you feel that the attachment is suspicious.
    • For example, your friend (yup, from your friend’s email address) sent you a file or image attachment, etc. DO NOT OPEN such files unless you are very sure they are safe.
    • Very commonly, email is the main culprit in activating ransomware. This is especially so with corporate email, because corporate users have many incoming emails on a daily basis. Innocently, you might just open an email with such a malicious attachment.
  • Through a USB thumb drive or external hard disk. A thumb drive very seldom carries ransomware unless its files are already infected. More common are viruses that lurk on thumb drives. This can be easily prevented by using your anti-virus software to scan the USB thumb drive (pendrive) before opening the drive. Still, extra care is recommended.
  • Through the LAN. If one of the office computers (on the same LAN) has been infected by ransomware, quickly disconnect that PC from the network.

Prevention is better than cure.

  • Install anti-malware software.
  • Install anti-virus (ensure it is always updated).
  • Install a firewall (hardware) in your LAN environment.
  • Do not open any suspicious email attachments.
  • Do not surf illegal or non-legitimate websites. Illegal websites as in music or movie download sites, torrent websites, porn websites, etc.

One of the best anti-malware programs that I have used is Malwarebytes. It is developed by a dedicated group of experts. Of course, scanning offers no foolproof, 100% guarantee of prevention, since some malware manages to infect the PC through human interaction, such as opening a suspicious email attachment or surfing a non-legitimate website.

Final note:

There is not much you can do if your computer (PC) is already infected or locked by ransomware. Anti-virus or anti-malware software (at the moment of this writing) is NOT ABLE to clean or remove ransomware. This is due to the frequent change of its encryption code in the infected files. Re-formatting and re-installing the OS cannot be avoided.