【Information Security Advocacy】Avoid the "data" kidnappers! Preventing and Responding to the Threat of Ransomware
Ransomware is a form of malicious software that threatens victims by encrypting files on their devices, demanding a ransom (usually in cryptocurrency) for the decryption of files. The threat is that failure to pay the ransom will result in the inability to decrypt files or the public exposure of sensitive data on the computer.
Infection methods for ransomware include vulnerabilities in user computers, such as browser software, malicious links on websites (e.g., ads, news), fake websites impersonating banks or government agencies, clicking or opening malicious websites or attachments in emails, and infection through illegal software.
To prevent attacks, we should:
- Regularly back up files
- Patch software vulnerabilities
- Exercise caution when opening emails
- Be careful while browsing online
- Install antivirus software
- Isolate known viruses
In the event of a ransomware infection, urgent measures include:
- Immediately disconnecting from the network and shutting down the system, avoiding payment of ransom
- Seeking assistance from experts or reporting the incident to law enforcement
- Reinstalling the system and restoring files from backups.