Ransomware is a frequently reported threat, and it may be only a matter of time before a significant attack takes place and impacts many individuals and businesses. Here are some basic behavioural changes to help protect yourself, your organisation, and your employer:
- Email Threat Awareness – DO NOT open attachments or click on links unless you trust and can verify the source. Malicious websites and infected attachments can install ransomware and encrypt your data.
- Patch Management – Keep your operating system and software applications up to date. Software vendors are continuously updating their software to remove identified vulnerabilities. If your software is no longer supported, consider switching to an alternative product.
- Pirated Software – DO NOT download software from peer-to-peer file sharing sites, including avoiding licence key generators and other software cracks. Threat actors alter versions of legitimate software to deploy malware. Also, as pirated software is unlicensed, security patches and further updates will not be available, leaving exploitable vulnerabilities in place. Worse still, so-called “security patches” from illegitimate sources may introduce additional malware.
- Anti-malware – Keep all malware removal and protection software up to date. If a website popup claims your system is infected, it’s likely scareware designed to trick you into buying fake security software that may itself contain malware. Use a trusted brand.
- Software Clutter Clearing – Uninstall software packages and browser plugins that are no longer required. Reducing software clutter lowers your attack surface.
- Software Whitelisting – Allow only pre-approved applications to execute, while blocking everything else by default. This deny-by-default approach helps reduce malware, intrusions, and the use of unauthorised software.
Ransomware remains a persistent threat, but with simple, proactive habits and a security-first mindset, much of the risk can be avoided. By staying vigilant, keeping systems updated, and being cautious with unknown sources, you can significantly reduce the likelihood of becoming a victim.
Information security, risk management, internal audit, and governance professional with over 25 years of post-graduate experience gained across a diverse range of private and public sector projects in banking, insurance, telecommunications, health services, charities and more, both in the UK and internationally – MORE