Ransome ware and Virus Protection

Ransome ware and Virus Protection Name CIS552 Assignment3 RansomewareandVirus Protection Identifythecommontargetsofransomware.Explainwhythesetargets are soattractiveto hackers. Ransomwareisaformofmalicioussoftware ormalware thathastakenoveryourcomputer,threatens you with harm,anddenies you accesstoyourdata.Theattackerthendemands aran-somfromthevictimtohopefullyrestoreaccesstothedatauponpayment.Ransomewarecanbedisbursedthroughmanyoutlets.Oneofthemostcommondeliverysystemsis phishingspam;at-tachmentsthatcometothevictiminanemail,masqueradingasafiletheyshouldtrust.Oncethey'redownloadedandopened,theycantakeoverthevictim's computer, especiallyiftheyhavebuilt-insocialengineeringtoolsthattrickusersintoallowingadministrativeaccess.Commontargetsofransomwareisusuallylargecorporations,butsmall businesses,mid sizedcompanies,enterprises,andorganizationsarefairgametoo.Thesetargets canbeattractivetohackersformanyreasonlikemoneyandpublicity. Thesinglemosteffectivedeterrent toransomwareistoregularlybackupandthenverifyyoursystem.Morerecent ransomwareattackshavenotonlyencrypteddatafilesbutalsoWindows system restorepointsandshadowcopies,whichcouldbeusedtopartiallyrestoredataafteraransomwareattack.Backupsshouldbestoredonaseparatesystemthatcannotbeaccessedfromanetworkandupdatedregularlytoensurethatasystemcanbeeffectivelyrestoredafteranat-tack. Othereffectivemitigationstrategiesincludethefollowingsteps: • Educateemployees.Likeothermalware,ransomwareofteninfectsasystemthroughemailattachments,downloads,andwebbrowsing.Organizationsshouldconductregulartrainingtohelpemployeesavoidcommonmalwarepitfalls. • Conductregulardatabackups.Thisbearsrepeating.Conductregularbackupsofyoursystem andstorethebackupsoffline andpreferablyoffsitesothattheycannotbeac-cessedthrough your network(Forransomware, offline ismoreimportant. Forotherevents,offsiteismoreimportant). • Onaseparate-but-relatedfront,itisalsoimportant toregularlyverifythedatabackupprocesstoensurebackupsarecapturingallnecessarydataandthattherestoreprocessworksinyour environment.Atahome/personallevel, backupimportant filesastheyaremodifiedandbesurethatbackupmedia (thumbdrives,external harddrives)arenotleftconnectedtoanynetworkeddevice.Periodicallycheckthatthefilescanbeaccessedfromthebackupdevice.Youdon'twanttodiscoverthatitisdefectiveatthepointyouneedto restoredatafromit.Itisalsoimportant topointoutthatpopularonlinebackupsolutionsmayalsobevulnerabletoaransomwareattackasthebackedupdatamaybeoverwrittenwithnewerversionthatisalreadyencryptedbyransomware. • Restrictcodeexecution. Ifransomwareisdesignedtoexecutefromtemporaryanddatafolders,butitcannotaccessthesefoldersduetoaccesscontrol,thatcouldbeasuccessfulroadblocktodataencryption. • Restrictadministrativeandsystemaccess. Somestrainsofransomware aredesignedtouseasystemadministrator accounttoperformtheiroperations.Withthistype ofran-somware,decreasinguseraccountsandterminatingalldefaultsystemadministratorac-countscancreateanextraroadblock. • Maintainandupdatesoftware.Anotherimportantyetbasicruleforprotectingagainstand/orensuringearlydetection ofransomwareistomaintainandupdatesoftware,inpar-ticularsecurityandanti-malwaresoftware.