Information about the Ransomware infection and its prevention — LiveOnNetwork


(B) Proactively monitors the system for new ransomware infections

1. Apply operating system security patches, most importantly MS17-010.
Using social engineering techniques, hackers can send you emails with infected attachments or links to compromised, fake or phishing websites. Email Security filters all incoming emails addressed to you, blocks those that are harmful, and lets through only clean and genuine emails.

2. Ransomware Protection:
The antivirus feature is more effective and advanced than other anti-ransomware tools.
Monitors the activity of downloaded files whose components could be used in a ransomware attack.

(C) Runs on a behavior-based detection engine
Analyzes how a program behaves in real time, so that it can be stopped before it does any damage.

(D) Has an inbuilt data backup and restore tool
The backup and restore tool proactively keeps a backup of all your important files and stores it in a secure location. These files can be restored in case of a ransomware attack.

(A) Signature-based detection
Detects known ransomware that tries to infiltrate your system through infected emails and other mediums like USB drives or other infected systems in the network.

  1. Disable RDP / SMB if not in use, or allow them for specific users only.
  2. Set an account lockout and password expiration policy.
  3. Audit domain users and check whether any unknown user has been created. If so, disable or delete it.
  4. Do not use cracked or non-genuine applications.
  5. Do not respond to suspicious emails.
  6. Keep AV updated and run regular scans with all protection features turned on.
  7. Audit AV reports and alerts, and respond appropriately.
  8. Always keep a backup of important data.
  9. Install antivirus on the unprotected systems in the network.
  10. Change the default SQL port and set a complex password for database users such as the ‘SA’ user.
  11. Disable the default user ‘SA’ and create another user with the same privileges.
  12. Use strong and unique passwords that cannot be easily breached on user accounts.

Firewall blocks external threats that try to reach your computer over the Internet. It also blocks threats that may arise within networks that are connected to your system. Besides allowing you to configure protection for incoming and outgoing Internet traffic, our enhanced Firewall lets you set a Firewall profile for network connections such as ‘Home’, ‘Work’, ‘Public’ or ‘Restricted’.

Below are the best security practices that you should follow against ransomware attacks to protect your accounts from brute-forcing.

- Use strong and unique passwords that cannot be easily breached on user accounts. Weak passwords like Admin, admin123, user, 123456, password, Pass@123, etc., can be brute-forced within the first few attempts.

- Configure password protection for your security software. This prevents unauthorized users from disabling or uninstalling it. Quick Heal users can enable this feature from Settings > Password Protection.

- Disable the Administrator account and use a different account name for administrative activities. Most brute-force attempts are done on an Administrator user account as it is present by default.

Also, remove any other unused or guest accounts if configured on the system.

- Change the default RDP port from ‘3389’ to something else. Although a complete port scan would still show the open ports, this prevents attacks that target only port 3389 by default.

- Keep your anti-virus updated all the time and ensure all security features are ON. Antivirus proactively detects and prevents ransomware attacks. Besides this, our multilayered defense mechanism helps prevent all types of malware attacks, including new ransomware infections.

- Configure Account Lockout Policies that automatically lock the account after a specific number of failed attempts. This feature is available in Windows, and the threshold can be customized by the administrator.
- Don’t open spam emails or attachments.
- Avoid pop-ups and fake notifications that offer eye-catching deals, etc.
- Restrict automatic downloads and updates (for browsers).
- Don’t forward any unauthorized email that offers eye-catching deals, etc.
- Do not turn off ‘Email & Internet protection’ of Quick Heal.
- Apply all recommended security updates for your operating system and for programs like Adobe, Java, Internet browsers, etc. These updates fix security weaknesses in these programs and prevent malware from exploiting them.

- Avoid opening suspicious attachments that you are not expecting or that come from unknown senders.
- Keep a backup of your important data and back it up regularly to a safe place.
- Do not allow any file flagged as suspicious by our Advanced DNA Scanner or Anti Ransomware.
- Set complex passwords for all user accounts, mail, software settings, etc.
- If you are using an old AV version, install the latest version.
- Use the safe browsing feature.
- Do not enable Remote Desktop if you do not need it.
- Use password-protected sharing on the network rather than simple file sharing.
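
The account lockout, password expiration and built-in Administrator/Guest recommendations above can be verified from a local policy export. The following is an added example (not from the original article or from Quick Heal) that audits the `[System Access]` section written by `secedit /export /cfg policy.inf`; both sample exports, including the hardened values 60 and 5, are constructed for illustration.

```python
import configparser

# Constructed sample: [System Access] section of a
# `secedit /export /cfg policy.inf` dump from a host with weak settings.
WEAK_EXPORT = """\
[System Access]
MaximumPasswordAge = -1
PasswordComplexity = 0
LockoutBadCount = 0
EnableAdminAccount = 1
EnableGuestAccount = 1
"""

# Constructed sample of the same section after hardening (values are examples).
HARDENED_EXPORT = """\
[System Access]
MaximumPasswordAge = 60
PasswordComplexity = 1
LockoutBadCount = 5
EnableAdminAccount = 0
EnableGuestAccount = 0
"""

def audit_account_policy(inf_text):
    """Return findings for the account settings the article says to change."""
    cfg = configparser.ConfigParser(interpolation=None, strict=False,
                                    delimiters=("=",))
    cfg.optionxform = str  # keep secedit's mixed-case key names
    cfg.read_string(inf_text)
    if not cfg.has_section("System Access"):
        return ["no [System Access] section: not a security policy export"]
    sa = cfg["System Access"]
    # (key, test for the weak value, message); a missing key is also reported
    checks = [
        ("LockoutBadCount", lambda v: v == 0, "accounts never lock out"),
        ("MaximumPasswordAge", lambda v: v <= 0, "passwords never expire"),
        ("PasswordComplexity", lambda v: v == 0, "complexity not enforced"),
        ("EnableAdminAccount", lambda v: v == 1, "built-in Administrator enabled"),
        ("EnableGuestAccount", lambda v: v == 1, "Guest account enabled"),
    ]
    findings = []
    for key, is_weak, message in checks:
        raw = sa.get(key)
        if raw is None or is_weak(int(raw)):
            findings.append(f"{key}: {message if raw is not None else 'missing from export'}")
    return findings

if __name__ == "__main__":
    for label, text in (("weak", WEAK_EXPORT), ("hardened", HARDENED_EXPORT)):
        print(label, audit_account_policy(text) or "no findings")
```

On a real host, read the export with `open("policy.inf", encoding="utf-16").read()`, since secedit normally writes the file as UTF-16.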

Originally published at liveonnetwork.info.
