Being a Victim of Ransomware – Pt. 2

This entry was posted in Security and tagged , on by .

The Top Tips

Always keep your computer updated:

It is always important to keep your servers, computers, and even your wireless devices up to date with the latest software patches and upgrades.  True, it may be a pain sometimes doing this (especially if you have the Windows 10 OS), but doing so will pay huge dividends in the end.  Apart from this, there are also other preventative measures that you can take, which include the following:

  •             Always keep your Adobe Flash Player, and other Java based Web browsers up to date. This will help to prevent any kind of “Exploit Kit” Ransomware attacks from occurring.
  •             Disable the VSSADMIN.exe file: This is an obscure file in the Windows OS in order to administer what is known as the “Volume Shadow Copy Service”.  This is used to keep a version history of files in your computer that are not used very often, or that are deemed to be arbitrary in nature. Since very few people actually use this tool, it has thus become a favored avenue of the Cyber attacker.
  •             Disable the other automated services in the Windows OS.  These include the following:
  •                         Script Host;
  •                         Power Shell;
  •                         Auto Play;
  •                         Remote Services.

Shut down your entire computer system(s):

If you think you may be in the beginning stages of a Ransomware attack, immediately unplug your computer.  This action will help to mitigate the actual .EXE file from entering into your computer.  However, if your IT infrastructure is large, shutting down the entire system is still your best bet.  True, this will cause some downtime, inconvenience, and lost revenue, but this cost is minimal when compared if your business or corporation were to be become an actual victim of a Ransomware attack.

Never, ever pay the Cyber attacker:

If in the unfortunate case that you do become a victim, never pay the Cyber attacker under any circumstances.  There are two primary reasons for this:

  •             Even if you do pay the ransom, there is no guarantee that you will get the decryption   key in which to unlock your computer and files;
  •             Paying the Cyber attacker will only fuel their motivation and greed to launch more       Ransomware attacks.


Finally, in the end, remember that you do not need all of the latest Security technologies to keep your business safe from a Ransomware attack.  It just takes following the tried and true techniques as detailed in this blog series.  But, these are very often not enacted upon, so thus, these are the prime areas in which the Cyber attacker looks for in launching their next Ransom