What’s ransomware, how do you protect yourself?

ransomware

Robert Ndlovu
HOW do I protect myself from ransomware? For individuals the matters resolves around standard issues. First make sure you have an up to date and updated anti-virus software. There are dozens of vendors in this area from Symantec, Norton, Avast among others. This is for Windows operating system users. Linux users do not face the same challenges. But people just love Windows. Avoid clicking on links or opening attachments or emails from people you don’t know or companies you don’t do business with.

This is particular to social media users like Facebook. This is how your account gets hijacked. Regularly have your files back up to some external storage like a USB drive or even external hard drive as the need arises. This must be done consistently and on a set schedule. Disaster strikes any time with or without warning. Backing up your files is the only safest way to guarantee the integrity of your files. The internet has made storage of files even easier. You can use free cloud storage services like GoogleDrive, OneDrive, Dropbox and more. Cloud storage is a way of data storage in which the digital data is stored in logical pools, the physical storage spans multiple servers (and often locations).

In simple terms this means that a single file can be physically stored in Cape Town, Iceland, Dubai and Boston data centre but can be pulled logically from your browser and downloaded to you device. Even if you lose your laptop, if you had served your important documents in the cloud “no matata”. Companies like Microsoft, Google, Amazon and others hire hackers to protect their systems. It takes a thief to catch one. So your files from word in whatever format can be safely stored where ransomware will have a hard time locating all storage servers.

Criminals of late have shifted from individuals to enterprises large and small private and public. The reason is straight forward. Criminals know that many vital public institutions such as hospitals, police stations, fire stations, some Government departments typically do not have the most sophisticated cyber security.

Let us get local and hammer this point home. I do not enjoy stating that most Zimbabwean Government websites are very insecure. I will not list the websites here for obvious reasons. It is understandable why the Minister of ICT, Postal and Courier Services said there might be need to accelerate the passing of the Cyber and Computer Crimes Bill after the Wanna Cry wave last week. Fast tracking the bills in their present form will be futile. Fast tracking the bills against a background of poorly secured system does not cut it.

GISP is the Government ISP tasked to take care of all state e-systems. I am not sure they are up to the game as evidenced by the state of some of the Government ministries or department websites. Why the fuss? A website if not set up properly might donate some information to the bad guys unintentionally. The private companies are not any better. One insurance company was breached two months ago because of this take-it-easy mentality.

They did pay the ransom as they had no option. If the random penetration test results that I have seen are anything to go by, then we need to up our game and secure our boundaries.

Security is no longer an issue at Chirundu or Beitbridge border alone. But must include cyber boundaries as well. Critical infrastructure, such as dams, power grids and other systems are increasingly linked to the Internet, meaning they, too, are exposed to ransomware. Ignore this at your own risk, you have been warned.

To ICT practitioners in the security industry it goes without saying that they must continuously be in phase with the latest software threat models. This calls for continuous and consistent upgrade of skills on a regular basis.

Organisations with something to lose must invest in the technical skills of their personnel. At a national level by now we should be having at least one cyber security centre that does daily cyber threat surveillance and monitoring. But wait this will not be possible as long as the country does not develop its own human capital. It is all written on the wall. Most recent ransomware employ TOR (The Onion Router) to conceal or anonymise their infection vectors.

This forms one of the major challenges in eradicating ransomware, as it makes it harder for researchers to zero in on the distribution methods and resources that promulgate ransomware. If you are worried about this and not sure how to proceed seek a specialist and get a threat and vulnerability assessment of your IT infrastructure to be done. Prevention is better than cure.

@robertndlovu
App — +263776002605

Source: What’s ransomware, how do you protect yourself?