How Does Ransomware Get on Your Computer and How to Protect Against It?

Posted by @Cherry

May 17, 2017

With the spread of WannaCry Ransomware recently, you need to know how does Ransomware get on your computer and how to protect against Ramsomware.

What is Ransomware?

Recent Ransomware attack makes a big influence around the world. Ransomware is a type of malicious software that carries out the cryptoviral extortion attack from cryptovirology that blocks access to data until a ransom is paid and display a message requesting payment to unlock it. Some of Ransomware only lock the system in a way, which a knowledgeable person can reverse it simply. While some other Ransomware encrypt the victim’s files, making them inaccessible, and demands a ransom payment for Bitcoins to decrypt them.

WannaCry is the recent Ransomware attacking network in Global. This global attack affecting more than 200,000 organizations in 150 countries. When the devices infected by WannaCry Ransomware, your important files will be encrypted, ended with “.WNCRY” of the file name, such as he photos, pictures, documents, audios, videos, or others. it will pop up a dialog, reminds you their destination and demands for Bitcoins.   

WannaCry Ramsome

How does Ransomware get on your computer?

Ransomeware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file. The WannaCry Ransomware appears to have used a flaw (EternalBlue) in Microsoft’s software, discovered by the NSA and leaked by hackers, to spread rapidly across networks locking away files. The EternalBlue will scan the Windows port 445, and implant Ransomware in the devices without any operation of users, but only when you turn on your devices with network. What’s worse, it will attack other devices which existing flaw in the same LAN. Once there is one device infected, others will be infected, too.   

A security expert from UK found the Kill Switch of WannaCry, and stopped the attack by triggering the Kill Switch on 13 May, 2017. But soon, it has continued to wreak havoc with WannaCry 2.0, which is the new version of WannaCry Ransomware without Kill Switch, may spread with a faster speed than before.  

How to prevent Ramsomware?

The grisly Ransomware wreaked havoc, and there is no effective way to decrypt the encryption from Ransomware. Thus, after figure out how does Ransomware get on your computer, and how does Ransomware spread out, you should know how to prevent Ransomware. And here are top five effective ways to protect against Ransomware.

1. Cutting off internet access before booting device

You’d better cut off internet access before boot your computer. This way can effective avoid infiltrated by Ransomware. When your computer boot successfully, install patch as soon as possible, or you can use some Ransomware prevention tools to prevent Ransomware.

2. Open system firmware (Windows 7/8/10)

You can open system firmware to use the the Advanced Setup to stop the connection to Windows port 445.

  • 1). Open Control Panel->System and Security->Windows Fireware. Click Turn Windows Firewall on or off, choose Turn on Fireware, and back to the Windows Firewall window.

  • 2). Click Advanced Settings, select Inbound Rules->New Rule...

  • 3). Select Port, click Next.

  • 4). In the Specific local port, type in 445, click Next.

  • 5). Select Block the connection, click Next.

  • 6). Choose all configuration files, click Next.

  • 7). Type in any name, click Finish.

3. Upgrade operating system to Windows 10 and always install updates

Microsoft patched the vulnerability using MS17-010 in March, but only for current platforms. With the Microsoft’s MS17-010 Windwos patch, your computer will not be attacked by WannaCry Ransomware. Therefore, you can upgrade your old operating system to Windows 10 for preventing Ransomware. On the other hand, you should also install any other software updates and switch on auto-updaters where possible, because the companies often release software update to fix vulnerabilities that can be exploited to install Ransomware.  

4. Using antivirus programs

Commonly, antivirus programs can scan files to see if they might contains Ransomware before downloading applications, browsing websites, check emails, etc. Many Ransomware may hide in some malicious software, emails, websites, etc. If you are using antivirus programs, it may prevent Ransomware effectively.    

5. Backup files scheduled

There is no effective way to Decrypt the encryption from WannaCry Ramsomware at present. Once the users’ devices have been infiltrated, you can only reinstall operation system to release from ransomware, but the encrypted files cannot be recovered directly. But if you have backed up the files before, you can recover the data easily and simply.

AOMEI Backupper Free is a backup software especially for WannaCry Ransomware, can help you protect against Ransomware effectively. It should be the best defense against Ransomware. You can use it to backup important files to an external hard drive before your devices infiltrated WannaCry Ransomware.

1).Connect your external hard drive (CD/DVD, HDD/SSD, USB flash drive, etc) to your computer, and make sure it can be detected by your device. Download AOMEI Backupper Free, install and launch it. You can see its concise interface. Select as the hint from AOMEI Backupper Free. Here isI Want to Backup Data.

Open Interface

2). Click Backup, and select File Backup.

Backup Types

Tips: AOMEI Backupper Free also provides you System Backup, Partition Backup, Disk Backup. You can choose any one according to your backup requirements.  

3). It will move to the window where you can choose what to backup (the files/folders you want to backup) and where to store the backup image (the external hard drive you connected to your computer before). Then, click Start Backup.

Start Backup

Tips: Before clicking Start Backup, you can open Schedule to set up an automatic backup for daily, weekly, monthly. With the scheduled backup, you can recover data when you need.

Schedule

Conclusion

Ransomware is a big threaten for computer users. You have know idea how does Ransomware get on your computer, or how does Ransomware spread around the world. You have no idea when the accident will happen to you. To protect against Ransomware, the most right way is to backup your important files schedule, so that when your computer infiltrated the Ransomware, you can recover files with the backups.