Preventive measures against ransomware
Preventive measures against ransomware

The worst case scenario for many companies: The loss of important data due to so-called ransomware. The number of cyberattacks is increasing and thousands of computers in over 100 countries are being attacked. On May 12, 2017, the WannaCry crypto Trojan began to spread worldwide and encrypted data from large companies, authorities and hospitals.
There are basically two types of ransomware: firstly, the “cryptotrojan”, which encrypts the data on a computer and makes it unusable without a key.
The second is the so-called “lockscreen Trojan”. It uses a lock screen to prevent access to the PC and can look like a message from an official body, such as the Federal Police.
With both variants of ransomware, the cybercriminals demand a ransom, usually in the form of Bitcoins or iTunes vouchers, for the decryption or release of the data.
To protect files and minimize the risk of infection with ransomware, the following preventive measures are essential:
1. virus scanner
When using a virus scanner, care should be taken to ensure that it is always the latest version. In addition, not every product is able to detect the sometimes well-hidden malware.
2. regular backups
Automatic and preferably daily backups on external media allow the computer to be restored at any time if access to the stored data is denied by Trojans. It is important to ensure that the connection between the external storage medium and the PC is also disconnected again. If this is not done, there is a very high probability that the backup will also be affected if a computer is infected. Furthermore, it must be ensured that the backup can be accessed sufficiently far back. This is the only way to restore data whose infection was only noticed too late.
3. updates, updates, updates!
The latest updates and patches are used to fix vulnerabilities in specific software and block access for blackmail Trojans. These security updates should be installed as soon as they are released.
4. be careful when opening email attachments
Ransomware can be sent from various senders and it is not uncommon for the sender to look familiar. The Trojan can be hidden behind a job application, invoice or a photo from your last vacation. You should compare the sender addresses carefully and also pay attention to the file extensions. You should be particularly careful with Office documents, archive files and script files. In particular, invoices and reminders from companies with which there is obviously no business relationship should not be opened.
5. avoid unsafe websites
It is recommended that you only use secure websites and avoid suspicious downloads. You can usually recognize unsafe websites by the fact that the URL has nothing to do with the name of the website. You should be careful here and it is best to avoid the site.
6. sensitize employees to ransomware
Employees should be trained and made aware of the various dangers and security tips. This can prevent, for example, a supposedly harmless email attachment from being opened and a Trojan gaining access to the company network. Consulting companies such as accompio offer such awareness training in companies.
If you have nevertheless fallen victim to a blackmail Trojan, the authorities advise against paying the ransom to the cybercriminals. You should not support this business and there is no guarantee that you will receive the key to unlock your data once you have paid. It is better to report the incident to the police or the relevant authorities and remove the affected computer from the network immediately. Despite all this, there is still hope, because experts are analyzing the Trojans that have become known and trying to decrypt them so that affected users can unlock their data again. However, this may take some time. If necessary, the data must be analyzed and restored from a backup.
About us
We are a powerhouse of IT specialists and support customers with digitalization. Our experts optimize modern workplace, DevOps, security, big data management and cloud solutions as well as end user support. We focus on long-term collaboration and promote the personal development of our employees. Together, we are building a future-proof powerhouse and supporting customers on their path to successful digitalization.