Today, Carbonite is proud to announce an important milestone—we've rescued 10,000 customers from ransomware—those nasty computer viruses designed by cybercriminals to encrypt your important digital files and hold them hostage until a ransom is paid.
Each of these customers had purchased our cloud backup solution prior to getting hit with ransomware. It was a simple process to delete infected files, remove the virus—and download clean versions of their files from Carbonite.
To celebrate the fact that we've now saved 10K customers, we'd like to share this list of ten important ransomware prevention tips and best practices. Follow the "10 Ks of protecting your data from ransomware" and you'll never have to give in to the demands of cybercriminals:
1. Knowledge is power (and so is training)
A great way to prevent a ransomware infection is to educate yourself and train your employees on digital hygiene best practices. That means avoiding clickbait and advertising links—especially if they're hosted on websites that do not have a solid reputation. Keep in mind that if the URL of a website begins with "https" that means it has taken advanced security measures. Sites that begin with "http" are not as secure.
2. Keep a backup of all digital files
The only foolproof way to make sure you'll get your data back following a ransomware incident is to take the initiative and invest in a high-quality cloud backup system with versioning capabilities before you're attacked. That way, if your computer or your business's network falls victim to ransomware, you can delete the infected files, remove the ransomware and restore clean versions from the backup system.
3. Kickstart your antivirus software
Check regularly to make sure your firewall and antivirus software are updated and working properly. While security software vendors can’t guarantee complete protection, updated security software and firewall protection is the first line of defense against ransomware and other forms of malware.
4. Know your enemy
New and increasingly dangerous types of ransomware are popping up all the time. For example, one recently-discovered form of ransomware dubbed PopcornTime offers victims a choice: Pay the ransom or infect your friends with ransomware. A great way to defend yourself against new ransomware threats is to keep up with the latest ransomware news by visiting sites like FightRansomware.com and The Carbonite Blog.
5. Kibosh any unsolicited emails
6. Key into storage and backup differences
Many consumers, and even businesses, use cloud storage solutions like Dropbox and Google Drive because they’re often free. But users often learn the hard way that cloud storage does not offer the same protection from accidental deletions and ransomware as cloud backup. Also, many customers don’t realize that solutions like this do not automatically back up new and changed files, much less your entire desktop. Only a true cloud backup solution like Carbonite will protect your files in situations where you’re most likely to lose it.
7. Knock out software security vulnerabilities
One of the keys to fending off a hack attack is to make sure that all of your applications are regularly updated with the latest security patches. Cybercrooks are always looking for ways to break into your company's network—and they usually accomplish this by exploiting unpatched software security holes. Their goal is often to steal sensitive business or personal information, but malicious hackers are increasingly breaking into networks and manually launching ransomware attacks—a tactic that allows them to forego the process of tricking employees into opening malicious email attachments.
8. Kiss macros goodbye
Cybercriminals often take advantage of macros inside Microsoft Word or Microsoft Excel files because they can be used to secretly download ransomware onto your computer from a remote server. That's why it's important to disable macros in word processing and spreadsheet management applications. Otherwise, you could contract ransomware and not know about it until it's too late.
9. Kill admin privileges that aren't required
An effective way to guard against malicious hackers who spread ransomware is to enforce "least privilege." That means employees should only have access to the data and applications they need to do their jobs—and nothing more. Having too many users with administrator privileges increases means there's a greater chance that cybercriminals could steal their credentials and implant ransomware in the network. As an added bonus, this is also a great way to cut down on potential insider threats.
10. Kudos to you! You can detect ransomware threats
Ransomware can do a lot of damage long before a digital ransom note is ever presented to victims. For example, if you use a backup and disaster recovery system like Carbonite, and notice that the total size of your backup changed dramatically over 24 hours, it could be a sign that a ransomware virus has changed the contents of your files. You might also see files added to the backup that were not put there by you. Also, an excessive number of access attempts by a device on the network could be a sign of suspicious activity. Repeated attempts that return error messages should be investigated immediately. Anomaly detection software can automate this task for environments where manual methods are not practical.
Protect yourself and your business from ransomware: Learn more about Carbonite cloud backup solutions today.