Have you heard about all those companies and private persons paying big amounts of money to hackers because they are unable to access files in their own systems? Not only is it dangerous because the files are encrypted and impossible to reach, but also because hackers often get access to private material that the companies don’t want to be spread around either. As a result, they feel forced to pay, no matter how high the demand is.
But, one of the questions we might ask ourselves is how we can protect ourselves against this? If you have already been attacked, then there is little to be done. So, how can you be prepared for this and make sure to stay safe whenever someone should try to hack you and get hold of the data on your device(s)?
There is no final solution that will solve all of this forever, but you will for sure make it way harder for any hacker if you follow some of these suggestions!
Make backups all the time
One of the basic problems with ransomware is that they revoke access to your files. As a result, you will not be able to work, see what has happened to your documents, and find all the information you are in grave need of to get work done. But, if you lose access to your files, wouldn’t you be able to fix the problem if you removed the malware and restored a backup taken before the files were encrypted? Yes!
It still means that the intruders have gotten access to your files and that they can take advantage of data they have gotten access to. But, you will not need to pay the ransomware fee to get access to your files again.
In other words, making backups is one of the best ways to protect yourself.
A file syncing service / online storage is not a backup!
For a long time, I thought that syncing my files to different cloud services like Dropbox and Google Drive will help me stay safe. For some reason, I considered this to be a backup of my files. But, that is a dangerous error to make. Do you know why? These are not backup services, they are simply file synchronizing tools. They are very useful, because when you modify a file on your computer, it will be synchronized, making sure that the changes can be seen on all your other devices as well.
But, have you thought about what will happen if a hacker encrypts a file on your computer? Or if they encrypt a file in the cloud? The service will discover that the file has changed, and make sure that the changes will happen on all your other devices as well. As a result, the infected file will be multiplied, synchronized, and made available everywhere. What is the result? This isn’t a backup, because the infected files will be available everywhere!
How to backup correctly?
We have already seen that a file storage/syncing tool is not a backup. So, a real backup is a tool to which the files are copied, but not touched later whenever a change takes place to the original file. Such backups can be done in different ways.
- You can use offline backup drives
An easy way to fix this is by making backups to hard drives or servers not connected to the Internet or to a network. They will only be used for the purpose of doing a daily backup or following your backup routine. Since it is offline, it cannot be accessed by hackers, and it is, thus, a way more safe way to backup files.
- Use a so-called Immutable storage
What is immutable storage? There are services online which can help you with this, and you can also set it up for yourself. But, immutable storage is about creating backups that cannot be altered. As you might have understood already, hackers will often gain access to the backups as well, encrypt them, and make it impossible to re-create the files without paying them.
But, an immutable backup storage create files that cannot be modified. Once it is created, it cannot be changed. So, you can store these backups for a long period of time, and even though you should be infected, the infected files will not be able to modify those files you have backed up in immutable storage.
Don’t wait for an attack to happen!
Having a backup ready in case of emergency is very useful. But, don’t wait for the attack to happen. It is much easier and it is cheaper to decrease the chance of an attack to happen. This can be done by following some of the following pieces of advice.
- Don’t open attachments and other files you don’t trust.
The most common way for hackers to gain access to your devices and files is through attachments and files you download. You need to be careful yourself, and if you work as an administrator, you need to teach your co-workers, students, and more. Normally such attachments and files will gives partial access to files, and from there, the hackers work themselves towards more files, administrator access, and more. In other words, stay safe.
- Install anti-virus programs and malware detectors
This is quite basic, but have programs running on your devices that will discover viruses and malware immediately. It is quite common to have virus programs running, but malware scanners are not as usual. But, it can be very important and save you from much trouble if you discover the malicious software before it starts to harm you.
- Use a VPN
A VPN can help you as well. It will encrypt your activities online, and make it almost impossible for hackers to get access to your device. Of course, if you install malicious content coming through apps and games, they can still spy on you and get hold of passwords and files. But, if you follow the pieces of advice from earlier in the article, and in addition, use a VPN, you should have good opportunities to steer clear from danger.
I hope this information will help you. Feel free to ask questions, share your experience or how you defend yourself against ransomware and malicious content by writing a comment below!