What makes this form of malware especially damaging is its ability to destroy, corrupt, or lock its victims’ files. We’re talking about much more than losing cherished family photos or several years’ worth of accounting documents (which are, of course, devastating losses): in June 2019, ransomware attacks paralyzed two Florida cities and forced officials to pay cybercriminals a combined total of over $1 million in Bitcoin to regain access to their computer systems.
Cyber-hijackers are mainly interested in the quick and easy paydays that ransomware offers, but their attacks threaten to go beyond stealing your money. Once their malware has infected your computer or mobile device, all your sensitive information, such as personal ID numbers, usernames, and passwords, is at risk of theft and exposure. If, like the infamous WannaCry strain, the ransomware has viral properties, every device on your network is at risk.
To stay safe, you need to understand what ransomware is and how to stop it from infiltrating your computers, smartphones, and tablets.
Which devices are under threat from ransomware?
If you think your Apple computer or iOS device is keeping you safe from ransomware, please keep reading. It doesn’t matter what you’re using — Macs, iPhones, iPads, Windows PCs, and Android devices are all vulnerable to ransomware attacks, though to widely varying degrees. iOS users are only likely to encounter ransomware (and other malware in general) if they’ve jailbroken their devices, since they’ve gone ahead and removed their phone’s inbuilt security protection.
In one innovative attack, cyberattackers obtained the iCloud credentials of iPhone users, locked their devices via the Find My iPhone tool, then caused their phones to display a ransom message. In another, the attackers used a browser pop-up to simulate the dreaded ransom note. These cons attempted to prey upon the widespread fear of ransomware in order to trick victims into paying up.
If you believe you’re the victim of a ransomware attack, visit one of our handy ransomware removal guides:
Ways to prevent ransomware
You can begin preventing ransomware attacks on all your devices today. Here are six methods to defend against ransomware on your Apple, Windows, and/or Android devices.
1. Keep your antivirus software up to date
The best way to prevent ransomware attacks is to stop the malware from accessing your computer or device. The first thing you should do is install an effective, top-quality antivirus program with a strong ransomware protection tool.
To defend yourself against the relentless creation and assault of new ransomware strains, keep your antivirus software up-to-date at all times. Most programs will do this for you automatically, but for additional peace of mind, set aside a moment once a week to check for updates.
Using an Android device? Activate the “Shield” features in Avast Mobile Security
In the free Avast Mobile Security Android app, the Web Shield with Accessibility feature alerts you if you unwittingly visit a known phishing or malware distribution site.
To activate this setting, follow these steps:
Open the app.
Tap the hamburger menu icon ≡ in the upper-left corner.
Switch on Web Shield with Accessibility.
Follow the instructions that appear on the screen.
2. Be wary of pop-up installation requirements
Pop-ups are seldom your friends. Whenever you get a pop-up request to update or download and install software or a plug-in while you’re online, close the pop-up without taking any action. Vigilance is vital to preventing ransomware from infiltrating your devices and networks.
The next time you’re on a site that throws up a notice that you need, for example, an Adobe Flash update to view the site’s content, get the latest version directly from the source. This applies to any and all software update pop-ups.
3. Think twice before clicking on links
Phishing scams are still the most popular way of distributing malware — the above-mentioned 2019 ransomware attack in Lake City, Florida, for instance, was launched when a city employee clicked on a malicious link in an email that appeared to be harmless.
Image Source: https://www.bellingcat.com
Cyber-hijackers also distribute their ransomware through mobile devices using text messaging and social media messenger apps. Don’t click links you receive from unknown contacts via SMS, email, or messenger applications like Skype or WhatsApp. Even if you think you know the sender, take a closer look at both their address and the link itself before proceeding. If anything looks phishy, steer clear.
4. Don’t download apps from unknown sources
When you want to download apps to your computer or mobile device, stick with trusted sources like Microsoft Store, Apple App Store, and Google Play Store, and avoid third-party app stores. While there are legitimate online marketplaces for PC and Mac, such as CNET’s Download.com and Steam, third-party mobile app stores have earned a reputation for being rife with scams.
Image Source: https://applech2.com
To add an extra layer of security, go into your device’s settings and disable its ability to perform app installations from unknown sources. You should also be suspicious if an app asks for device administrator permission. Granting this permission enables the owner of the app to access your device remotely, which is clearly a terrible idea.
5. Back up all important files from your device
In the event of a ransomware attack, having backups of all your valuable and vital files will help you in terms of damage control. The best way to prevent data loss is to use a combination of offline and online storage methods. Save your files to one or more physical devices (e.g. external hard drives, USB flash sticks, SD cards) and to cloud storage services (e.g. Dropbox, Box, Google Drive).
This way, if you do get hit with a ransomware attack, you’re ready to restore all your important files as soon as you remove the ransomware from your device.
6. Update your operating system and your apps
As annoying as Windows, Apple, and Android system update notices can be, you should never ignore them. Many of these updates involve security patches that are vital to preventing ransomware and other malware from infiltrating your devices.If you’re still using an older OS that Microsoft no longer supports, like Windows XP, you are especially vulnerable to attack. Do yourself a massive favor and upgrade to a newer operating system. You should also keep all your software up-to-date, especially your web browsers and plug-ins.
Can’t I just pay the ransom instead?
No, you should definitely not pay the ransom, nor should you try negotiating with the criminals behind the attack.
While we’ve seen a few US state and local governments give in to cyber-hijacker demands, these are exceptions to the rule: only 17 percent of them have paid to recover their data from ransomware attacks.
Your payment will likely fund the development and launch of new ransomware strains as well as potentially other criminal activities. By refusing to pay, you may help other potential victims avoid future attacks. You also have no assurance that you’ll get your files back — in some cases, the hijackers sent useless decryption keys, in others they sent nothing at all. Though they’d prefer to maintain an honorable reputation so as to inspire trust in their victims, there is no honor among cyber-thieves.
Ransomware prevention is better than the cure
While getting rid of ransomware and recovering your files is possible in some cases, it can be difficult. And note that we said “some cases” — only some strains have free, publicly available decryption keys. And since ransomware attacks are so lucrative, cybercriminals are constantly developing new strains.
Spare yourself a lot of time, energy, and grief, and follow the advice in this article to keep ransomware off your device in the first place. But rather than rely on your own judgement to avoid malicious pop-ups, links, and downloads, you can keep your files safe with Avast’s ransomware protection tool. It’s just one of the many cybersecurity countermeasures you’ll enjoy with Avast Free Antivirus, trusted by over 435 million people around the world.
So remember: stay up to date, practice safe surfing, back up often, save to the cloud and external hardware, and install antivirus software with ransomware protection. All of these practices will help keep your devices and files safe and your mind at ease.