Consumers can dramatically reduce the chances of falling victim to a ransomware attack by following basic security best practices such as being careful about the web-based links they click on, being wary when opening email attachments – especially those sent by people they are unfamiliar with – and by thinking twice about clicking on links in emails, even when they appear to point to legitimate sites.
It is never worth paying a ransom to retrieve encrypted data. Not only is there no guarantee that the required decryption key will be handed over – we’re talking about dealing with criminals, after all – it also encourages those behind this scourge to carry on tricking further victims in the future.
Additionally, paying up will most likely see a victim's details added to a 'suckers list' which will lead to them becoming a target of future scams and other criminal activity based on the fact that they are known to be someone who pays up.
Does the discovery of ransomware on the Mac bust the perception that OS X is a more secure platform than Windows? Not in the slightest. While the success of Apple has long since busted its advantage of security through obscurity, the truth is that OS X still remains far less susceptible to malware than Microsoft’s operating systems.
For the most part, malicious code has no place on a Mac unless invited onto the machine by the user – I’m not so sure the same can be said for Windows devices.
Ransomware is one of the biggest risks faced by businesses and individuals at this point in time, primarily because it is so successful. Far too many news reports finish by saying how an organisation or individual had no choice but to pay up in order to retrieve their valuable data.
Thus the solution to the issue is two-fold – not only must organisations and individuals adopt robust technical solutions, such as antivirus and email filtering, but also they must incorporate a strict backup policy that includes testing the integrity of all backed up data so that they are confident they can roll back in the event of a successful ransomware attack.
Beyond that, security awareness is key as ever – individuals and businesses can mitigate both ransomware and many other threats by educating themselves and their staff about common attacks and the simple steps they can take to protect themselves from them.
Sourced from Lee Munson, Researcher, Comparitech.com