Cyber criminals are always on the prowl, analysing online behaviour of users and looking for new opportunities to infect computers. Ransomware is the latest malicious threat that infects computers and blocks access to data until a ransom is paid.
One Channel CEO Bernard Ford warns that many victims of ransomware attacks thought it would never happen to them, ending up unprepared to withstand the attack and paying thousands in ransom.
Gartner has indicated in various studies that one laptop is stolen every 53 seconds, while The Independent IT Security Institute predicts that more than 390 000 new malware programs are reported every day. More importantly, the National Cyber Security Alliance states that 60% of companies close within six months of a data disaster.
“Don’t become part of this statistic. With a few simple tricks and robust ransomware protection software from Acronis you can protect your valuable data in the most efficient and cost-effective way,” says Ford.
Acronis Active Protection is an advanced ransomware protection technology, it actively protects all of the data on a computer. It constantly observes patterns in how data files are being changed on a computer. One set of behaviours may be typical and expected whilst another set of behaviours may signal a suspect process taking hostile action against files.
Acronis Active Protection is integrated in its consumer product, Acronis True Image 2017 New Generation, and will shortly be introduced in its SMB and enterprise product Acronis Backup 12 Advanced.
The Acronis approach looks at these actions and compares them to with malicious behaviour patterns. This approach can be exceptionally powerful in identifying ransomware attacks, even from ransomware variants that are as-yet unreported.
Additionally, Acronis Active Protection is capable of detecting new threats based on already identified patterns as well as learned ones. Results must be adjusted to reduce false positive detection of things that really aren’t ransomware. Acronis Active Protection maintains a whitelist — programs that are allowed and expected to perform certain actions — to prevent authorised activities from being falsely tagged as unauthorised.
Ford says one way that criminals could choose to compromise files would be to attack the Acronis True Image program itself to corrupt the backup files it creates. “To protect against this, Acronis has implemented a robust self-defence mechanism that won’t let criminals disrupt the work of the Acronis application or backup file content.”
In addition, Acronis Active Protection monitors the Master Boot Record of Windows-based computers. It won’t let any illegitimate changes to be made to prevent you from being able to properly boot one’s computer.
If ransomware begins to encrypt files, Acronis quickly detects and halts this process. The fact that Acronis is a backup solution, any data that was exposed and encrypted before the process was halted can be recovered from a variety of backup sources.
“Not only can’t alternative anti-ransomware solutions commonly end an attack once it has started, they have no way to recover any files encrypted by the attack. Acronis True Image with Acronis Active Protection detects, deflects, and restores files of any size,” he explains.
The methodologies in Acronis Active Protection detect, deflect, and restore in advanced ways. These protection approaches not only stay ahead of the criminals, but they are more innovative and advanced than any other anti-ransomware methodology available.
He says regular full image backups are the ultimate way to mitigate ransomware attacks. “Critical files should have regular backup with a minimal interval, preferably to a secure cloud storage provided by your backup vendor. However, you need to check with your vendor to make sure that the cloud backup is protected against ransomware.”
Modern backup software has inbuilt real-time protection against ransomware. Innovative technology using behavioural heuristics analysis will detect and stop ransomware even when your anti-malware program is not able to do it. Acronis Active Protection will let you automatically restore any damaged files with no limitations on size.
“Anti-malware software, or what is commonly known as ‘anti-virus’, provides a valuable defence against malware infections, but choose your software carefully. Remember, many free anti-virus programs don’t offer any protection against ransomware,” he warns.
“Do not ignore software update messages, they are there for a reason. Software updates are designed to introduce new features or patch up security holes abused by cyber criminals. The sooner you patch up, the less likely your system will be exploited by ransomware,” he adds.
Upgrading to the latest software version is also a good practice. Outdated software may not be supported by the vendor, which makes it more prone to attacks. This applies to both applications and operating systems.
Ford says if you receive something from a person you don’t know, or something you don’t expect, don’t open it. “Check it with the sender, run it through your anti-virus program. You may need do the same even for emails received from people you know. Be on a safe side, don’t open suspicious email attachments and don’t click the links, especially the ones asking you to download software ‘to read this attachment’.”
Essential business software applications such as Microsoft Office 2016 now include an option to ‘Block macros from running in Office files from the internet’. This is handy, make sure it is enabled.
“When you receive a Word document or an Excel spreadsheet by email and it asks you to enable macros, don’t do it. A lot of harmful malware is spread this way. If the file is infected and you turn the macros on, you give the hackers permission to install ransomware and start encrypting your data,” he concludes.