WannaCry, Petya, NotPetya, DoubleLocker, Bad Rabbit, Loser – ransomware has effectively taken over our virtual lives and definitely not in a good way. It has come to a point where at least one person or business that we personally know has probably been hit by the epidemic. Ransomware is no longer a threat for naive internet users nor exclusive for rich businesses, the threat is real and going strong for everyone online (mainly thanks to NSA!).

But, what can we as users and small businesses do to better protect our data from falling into the wrong hands?

Wccftech reached out to the experts at Check Point to discuss some of the best practices that are both easy to follow and will help you ensure you are better prepared to deal with this growing threat. Check Point sent us some key points to follow, but before diving deeper into those, here’s a TL;DR version:

- Backup
- Patch up
- Don’t click on random links and/or attachments
- Use AV products that also have anti-ransomware modules
- Do NOT pay ransom

Now that we have managed to somewhat help our readers who aren’t fans of following long pieces, here is the detailed set of instructions from security experts that will certainly help you be better equipped to protect your data against ransomware.

Boo ransomware! Top tips to protect yourself against ransomware

Here’s how to better protect your desktop and mobile devices from ransomware, phishing attacks, and other cyber threats according to Dror Levy, head of ZoneAlarm anti-virus at Check Point.

1. Creating backups was never this important

A key component to prepare for a ransomware attack is developing a robust backup strategy. Backup files regularly to cloud providers and local storage devices or even network attached drives. In case you do get hit with ransomware you’ll be assured all your files and data are safe.

2. Patch up

Remember that Google security executive’s statement on how every company – no matter how small – needs to have someone responsible for patching, patching, and nothing but patching? Well, Levy appears to be agreeing with that approach.

“Any software you use is a potential source of vulnerabilities that could lead to a compromise of security or identity so it’s important to patch applications and operating systems to help significantly limit malware threats,” Levy wrote. “Updating software and operating systems is imperative since malicious programs can take advantage of software vulnerabilities and infiltrate the devices. The more commonly used a program is, the bigger target it represents and the more likely it is that a vulnerability will be exploited.”

3. Understand how ransomware spreads and make sure you don’t fall for the common tricks

It’s imperative to be educated on how ransomware spreads and be able to identify malicious behaviors. The Bad Rabbit attack was spread through fake Adobe Flash player updates so it’s important to avoid clicking on any popups or suspicious looking links. Email attachments are the number one risk for infection, so avoid opening and clicking on any attachments.

4. Using antivirus product may not always be enough

Use dedicated anti-ransomware tools. Your antivirus alone may not protect you from Ransomware if this ransomware is not yet a well-known one. Use behavior-based anti-ransomware tools that can identify new zero day ransomware from the first moment.

5. Using anti-ransomware tool? But, can it recover encrypted files?

It is especially recommended to use an anti-ransomware tool that can also recover your encrypted files. The good thing about behavior-based anti-ransomware is that it will find even unknown zero day ransomware. The bad thing is that it will usually find it only after some files already got encrypted and lost before it gets the capabilities to recover them. Be sure to use one of the few anti-ransomware tools that has the capability to recover those files that already got encrypted, so no data will be lost

6. Paying ransom is a big no; could be a wipeware too!

“Do not pay the ransom,” Levy warned. “If you do get hit with ransomware, paying the ransom doesn’t guarantee you’ll safely receive all your data back.”

"Not only that, you become a target for future ransomware attacks."