Ransomware

Like viruses, worms and Trojans, ransomware also frequently reaches end devices such as computers or smartphones through phishing emails, unsafe websites or security vulnerabilities in networks. The tricky thing about ransomware is that it makes your own data inaccessible – be it personal, financial or business data. Private households in particular are increasingly being affected by such cyber attacks. Unlike companies, private individuals usually have less sophisticated security systems and do not have an IT security team. In addition, data such as personal photos or bank information have a high emotional or financial value for you, which is why ransom demands are often effective.

Whether reading the newspaper, chatting or working – being online should be a carefree and safe experience. It is important to know the risks and protect yourself. At the same time, users should not allow themselves to be controlled and restricted by fear. There are now many effective ways to protect yourself against malware such as ransomware.

• Regular backups: Create regular backups of your data on an external drive or in a cloud outside the main network. This means you always have a backup of your data and are therefore not vulnerable to blackmail. You should also check from time to time whether your backups are working by restoring files from the backup.
• Security software and updates: Regularly updating your software is particularly important, as the updates also cover newly discovered security vulnerabilities. If possible, activate automatic updates for your operating system. Security software such as antivirus or anti-malware software is also recommended. These programs can detect and block ransomware. You can also scan your device for security risks at any time to ensure that you are continuously protected.
• Correct handling of emails and websites: Only open attachments or links if you know the sender and they are trustworthy. When in doubt, use a separate communication channel to find out whether the message in question is really from this sender. The same applies to downloads from websites. Where possible, avoid visiting completely unknown websites and expand your browser settings with pop-up blockers or warnings about unsafe websites.

Good to know: Cyber – Prevention from Zurich offers you optimal protection. The Zurich Cyber Security app offers various protection functions and features in one, and gives you access to IT specialists through IT assistance. This means you can call if you have any suspicions or questions and clarify your concerns directly with a specialist.

If you notice unusual network activity, data is inexplicably encrypted or drives are no longer accessible, this could be a sign of ransomware. Suspicious emails or ransom demands are also possible signs.

How to respond correctly

1. Isolate systems: Disconnect the affected device from the Internet immediately and switch off WiFi and Bluetooth to prevent any spread to other devices. External storage media such as USB sticks or hard drives must also be immediately removed.
2. Seek expert advice: Contact an IT security expert or a cyber security company to discuss the next steps. Also notify the local police so that a search for the perpetrators can be started.  With Cyber-Prevention, IT assistance experts are at your disposal. 
3. Do not act on your own initiative: Do not pay a ransom without consulting experts or the police. Even after payment, you have no guarantee that you will get your data and access back.
4. Check backups: Make sure your backups are still there by accessing them through uninfected devices and a secure network connection.