How Can Coders Prevent Ransomware Attacks?
When it comes to going online, internet security is at the top of everyone’s lists as a priority to have in place before using the web. With the recent onslaught of cyber attacks that have struck companies and been heavily publicized — including WannaCry and NotPetya affecting Cellebrite, the CIA, and Deloitte among others — it is clear that securing your digital presence is crucial in today’s ‘internet of things’ dependent society. While the onset of GDPR in May 2018 will help companies secure the data they hold on you and further try to prevent any breaches, there are ways in which you as an individual can take matters into your own hands to defend against cyber attacks.
Ransomware and Coding
Taking the time to ensure you have substantial and effective anti-virus software should be an imperative before you even set your password on your new laptop or PC. Ensuring the protection is there from the start means you are doubly protected against the myriad of security issues that can befall even the sturdiest of machines. But this protection should come in as early as the coding stage of creating websites and software. Luckily, some of the nastier ransomware attacks were not as sophisticated as the hackers intended and coding was able to reverse any damage — such as with the NHS Windows XP hack in 2017. Ransomware can be disastrous to a system as it encrypts documents and requires a digital key to unlock them, usually in untraceable Bitcoin.
Anti-Virus Protection
When it comes to coding, it is imperative to stem any potential malware attacks, which is why robust anti-virus protection is crucial. As the Total-AV test and review shows, 24/7 protection against emerging malware and viruses is needed in such a heightened age of potential cyber attacks. Being able to constantly monitor not just for attempted attacks, but for anything that could potentially become an attack can help the coder ensure the initial foundations they are developing are free from potential damage. Should a virus be able to plant itself into the latent code, which is then distributed out to a wider network, it would have a devastating impact.
NotPetya Simple Vaccination
Analysts were able to defend against NotPetya (similar to the infamous Petya hack, but without the kill switch) through encrypting documents. Serper discovered that by setting documents to read-only, the hack would bypass them — a finding later reinforced by PT Security, TrustedSec, and Emsisoft. This is due to the lack of universal switch and the fact that the ransomware had to spread internally on systems and couldn’t seed externally. So protecting documents with a simple fix was able to prevent the hack latching onto the system — essentially providing somewhat of a vaccination against the virus.
Be Careful When Going Public
Ransomware attacks depend on the server used to access the internet — some are more protected than others, and those that offer public usage are prone to a lack of security. A strong VPN is needed when accessing any public wi-fi. Mail servers that offer the chance for anyone to send emails through can also be a source of weakness and allow ransomware attacks. Make sure that mail servers are also protected and that there is verification for what is being sent through and who is sending it.
Be Clever with Ransomware
If you are subjected to a ransomware attack, you don’t necessarily have to pay it. “30% of encrypted data can be decrypted without paying”, claims Ilia Kolochenko, CEO of tech company High-Tech Bridge. If you are attacked, immediately remove your machine from any networks to prevent internal spreading. Sometimes an official investigation can find out more information on ransomware to better prevent future attacks and can help the tech community collectively fight back with shared resources.
When it comes to anything using the internet, vigilance is the order of the day. Especially when coding, as potential threats can attack the most delicate structures and be present before anti-virus protection is able to root them out. Ensuring you, and those you deal with, are fully protected is the best course of action to prevent harmful viruses, malware, and ransomware attacks.
✉️ Subscribe to CodeBurst’s once-weekly Email Blast, 🐦 Follow CodeBurst on Twitter, view 🗺️ The 2018 Web Developer Roadmap, and 🕸️ Learn Full Stack Web Development.
