Many people react with wonder and fear when they read stories about ransomware and data breaches. Given the vague and detail-free accounts of these attacks in the media, it should come as no surprise that some regard the idea of hacking a computer as some kind of magical activity, like divination.
The truth is overcoming security measures in the average computer is both effortless and trivial. Most businesses invest little to nothing in data security, and the average individual has no idea how a computer works at all.
That said, there are ways to defend your computer systems from attack, especially if you are worried about issues like ransomware. If you are interested in strengthening your systems and their security here are some things to consider.
What is Ransomware?
When an attacker gains access to a system, whether by physical access to the hardware or through a network, they can install a virus, also known as an unauthorized application, on the computer. That application can then encrypt all the data on the machine with a secret key known only to the attacker.
The ransom is paid in order to get that password from the attacker so the user can recover their data and restore the functionality of their machine.
The reason ransomware is effective is because without the key, it is virtually impossible to unscramble the data without massive specialized computer resources most companies and individuals don’t have. Going to the police won’t help either, because there is nothing they can do beyond what most others can. They can investigate, of course, but without the password or encryption key, they won’t be able to recover the data.
The most effective and least expensive way to defend against ransomware attacks is exactly the same method employed to defend against hardware failure: regular backups.
Under no circumstances should you allow more than 30 days to pass without performing at least an incremental backup of your hard drive or SSD. This is doubly true if you maintain more than one computer or a server. Because data is so easy to copy and because there are so many tools available to perform backups, having only one copy of crucial information is not only reckless, it’s completely unnecessary.
With sufficient backups, a ransomware attack can be overcome with minimal damage by simply erasing the hard drive and restoring the most recent backup.
One of the most common ways attackers get access to computer systems and networks is through spoofed e-mail. Any e-mail from an unfamiliar address that includes a link or requests information of any kind should be treated with maximum suspicion. Links in e-mail should be tested by copying and pasting their destination URL elsewhere first. An e-mail asking for login information should never be trusted. Any vendor or web site with even minimal awareness will never send a login request via e-mail.
Often-used passwords should also be changed about as often as backups are performed. This arranges matters such that even a stolen password will expire after a short interval. Networks and individual systems should have properly configured and properly maintained firewalls. If you are running a business you should have a strict no-personal-devices policy when it comes to network authorization.
Ransomware protection is not fundamentally different from any other kind of computer security. Preventing unauthorized access to a computer is a matter of best practices combined with the discipline to maintain them over time. By following these principles, even a successful attack can be overcome.