Resources & Publications

29 April 2016

Preventing Ransomware – 8 Things You Should Do

In the IT security field, “Ransomware” is a word that has kept popping up more and more frequently over the past few years. Ransomware is any piece of software that blocks access to a computer system or its essential services until a certain amount of money is paid. Although mainly targeted at individuals, businesses and other organisations are also at risk from Ransomware attacks. Ransomware attacks targeting Sri Lankans are known to have increased as well. What should you do to prevent your systems from being held at ransom? We have compiled a list of 8 things you should do to ensure that your data and your money are safely where they should be.


1. Back up your files regularly, and keep an off-site backup

There is a saying that goes “Backup early, Backup often”. For businesses large and small, backups are one of the sure-fire ways to ensure that data is kept safe, not only from Ransomware, but also theft, accidental deletion, fires, flood, or natural disasters. An off-site backup helps against events that occur at the physical location of the data. Make sure the backed-up date is encrypted to prevent data theft.


2. Don’t enable macros

Although macros are very helpful, Office documents that have macros enabled have been found to be the distribution method for a lot of Ransomware. Have a policy of not opening macro-enabled documents downloaded from the internet.


3. Consider installing Microsoft Office viewers

Viewers allow users to see Word or Excel documents without macros. They also do not support macros, which makes it impossible to enable them, even by mistake.


4. Be wary of opening unsolicited attachments

Most recent Ransomware attacks have been caused by documents distributed as email attachments. If the file is unknown or unexpected, do not open it.


5. Don’t give yourself more login rights than needed

Many of us make the mistake of being logged in as administrator. This allows Ransomware and other malware an easy platform. Use a regular non-admin account for web browsing, opening documents, and regular work.


6. Keep on Patching

Ransomware that doesn’t get to your computer system via document macros often tries to exploit vulnerabilities in software and applications. Keep applying security patches to your software whenever available, as this will give cybercriminals fewer options for infecting you with Ransomware.


7. Train and retrain your employees

Your employees should always know how to be on the lookout for malicious emails and documents. Don’t make them your weakest link – keep them trained how to spot, avoid, and report them.


8. Segment your network

Firewalls should separate functional areas of your network; e.g. client and server networks. Systems and services should only be accessed when necessary.