Full width home advertisement

Technology Trends

Post Page Advertisement [Top]

How to Protect Yourself from Ransomware in 5 Steps

Ransomware is a type of malware that attacks your computer and usually threatens to encrypt all your data and files unless a fee is paid within a certain time limit in order to decrypt your information. Ransomware has been successful at infiltrating people’s or organizations’ computers and stealing money from desperate users who had no idea what to do.
This cybersecurity threat is unknown to many users but has recently been on the rise according to a formal FBI warning released in 2015. Numerous incidents have already been reported in 2016. The first signs of this malware happened in 2013 and unfortunately, there still is no definite way of stop it. Would you or your organization know what to do if your computer were infected with ransomware?  Here are 5 steps you can take to avoid getting infected by this malware:

5 Steps to Protect Against Ransomware

 5 steps to protect against ransomware
  1. Fight the Angler Exploit Kit

What we can see is that many ransomware threats are propagated with the Angler exploit kit. Here is what should be done to protect your data:
a. Be sure that all software is updated
By updating your software, it patches up the bugs and vulnerable spots which can help prevent any attacks from occurring. It is important that you always ensure you have the latest software for your applications such as:
  1. Browser
  2. Flash
  3. Java
b. Use web filtering to monitor and block infection vectors
Many infections can be blocked by using a web filtering application. The infection will not have a chance to reach your computer. For example, a lot of JavaScript code can redirect your browser to websites which will try to use the Angler Exploit Kit against you; by using a web filtering application you can directly block these websites.
c. Have an updated antivirus
Having an updated antivirus helps keep your computer safe from attacks.
d. Have updated IPS rules
Many IPS like Snort already come with some rules to detect and protect against exploit kits. Those rules don’t generate a lot of false positives and can be enabled without much risk of dropping legitimate traffic. For example, here is a Snort rule which detects an attempt of the Angler Expoit Kit:
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:”EXPLOIT-KIT Angler exploit kit landing page detected”; flow:to_client,established; content:”<input>”; content:”</input>”; fast_pattern:only; content:”<nobr>”; content:”</nobr>”; metadata:policy max-detect-ips drop, policy security-ips drop, service http; classtype:attempted-user; sid:37014; rev:1;)
If we take a look at this Snort rule, we can see the detection of the <nobr> tag which is not really an HTML standard, which is why this rule will not generate many false positives.

  1. Backup your data

Back up your data regularly, in case you do get an attack everything will be saved.  You will not be concerned to re-install your computer anew if you do come under attack. This step is very important in the unfortunate case of an attack.

  1. Double check all mail with attachments before opening them

Always double check emails before opening them to make sure it isn’t spam or a virus being sent around. Make sure you know who the sender is or what the attached file is before you open it.
You can also use an antispam product or a sandbox appliance which can block emails before they reach end users workstations.

  1. Install browser plug-ins to block pop-ups and JavaScript

When you have a browser plug-in that blocks pop-ups, you are doing yourself a huge favor. A lot of attacks come from pop-ups which might redirect to infected websites. All it takes is a couple of seconds on a bad pop-up and you can catch something. Enabling this helps you get rid of that problem without having to worry. Once again, be careful with the kind of browser add-on you download, we advise you to start by using the most known add-ons like NoScript and AdBlock or AdBlock Plus.

  1. Regularly scan your computer and apply the latest updates

As discussed earlier, updates are always good, so update your computer regularly and scan it to make sure everything is OK. This step can easily save you from an attack; you just have to take the time to do it!

By following these steps you are helping yourself to keep away from attacks. Ransomware still occurs frequently to many people but day by day the impact of it grows smaller. Help yourself get ahead of ransomware and be prepared in the case of an attack.

Wanna Cry Ransomware Guidelines to stay safe :
  • Be careful to click on harmful links in your emails.
  • Be wary of visiting unsafe or unreliable sites.
  • Never click on a link that you do not trust on a web page or access to Facebook or messaging applications such as WatSab and other applications.
  • If you receive a message from your friend with a link, ask him before opening the link to confirm, (infected machines send random messages with links).
  • Keep your files backed up regularly and periodically.
  • Be aware of fraudulent e-mail messages that use names similar to popular services such as PayePal instead of PayPal or use popular service names without commas or excessive characters.
  • Use anti virus and Always make have the last update.
  • Make sure your windows have the last update close the gap.
Update 5/15/2017 : 
The entry of the virus to your device, which is dependent on a gap in the Windows system and the gap is present in all types of Windows is that the feature is open.
if you did no't update your windows just turn off SMP,
There are two methods to turn off SMP manually or Tools . 
First Manually :
1.Control Panel\Programs\Programs and Features.

Image

2. Remove check Box  SMB1.0/CIF Filse Sharing Support.

Image

3. you must be restart your computer.
Done! Now you are safe. 

2. Tools :
Link Download direct: SMB2 Tools Disable 
1. RUN AS ADMINISTRATOR.
Image
2.First check if the Features is turn on !.
when you run the tools will show this, if you see SMB2 currently enable so you must be Disabled it  
Image

3. SMB2 IS currently disabled.
Image
4. you must be restart your computer.
Done! Now you are safe. 
I hope it helps to keep you safe.

No comments:

Post a Comment

Bottom Ad [Post Page]