What is Ransomware and How Can You Identify it?
Fri 16 February, 2018
Ransomware is a type of computer virus which finds a way into your device by discovering a security hole in your device or tricking someone into downloading it. It then threatens to delete your files if you don’t pay a ransom. As the fastest growing type of computer virus, it is highly important to ask yourself how does ransomware work? And look at the ways in which you can detect it and protect yourself from it.
- Look out for known file extensions
Although there is a continually growing list of Ransomware file extensions, it is still a good method for keeping tabs on suspicious activity. With file activity monitoring, you can keep a record of file and folder activity on your network to help prevent against ransomware. There are several online databases which list Ransomware variants as well. This is a good resource to use to ensure you are up-to-date and know exactly what to watch out for.
- Use anti-ransomware agents
More and more companies are beginning to release anti-ransomware software, designed to run in the background and block Ransomware from encrypting your data and monitor text strings tied to ransomware. The only downside is that for it to be effective you must install this software on every network device.
- Keep an eye on file renames
So, how does ransomware work? And how can you spot it? It can be small things at first such as files being renamed on network shares. If you start to see a big increase in file renames, this is a red flag and likely signifies a ransomware strike with your data getting encrypted. On a normal day you’ll get a handful of renames but if this goes above 4 renames per second then you have a potentially serious problem.
- Update your IDS system
Help fight against ransomware with an exploit kit detection feature, which comes with many IDS and firewall systems. Exploit kits are one of the ways ransomware accesses devices through spam or compromised websites. Make sure your network security systems are updated and can notice exploit kits.
Help protect against Ransomware by regular off-site backups. Visit our Secure Cloud Back Up page to find out more about our backup solutions.
For more information on the ways we can help you identify and protect you against ransomware, get in touch with us.