search
Where Thought Leaders go for Growth
Reference a solution

Ransomware: the right reflexes in the event of infection and 6 software programs to protect your data

Ransomware: the right reflexes in the event of infection and 6 software programs to protect your data

By Axelle Drack

Published: October 29, 2024

Did you know that your company's data has never been so vulnerable? That's what ANSSI reveals: in 2020, it recorded a 255% increase in ransomware attacks. When you know that, it's no exaggeration to panic!

Attacks by your worst enemies, the cybercriminals, are increasing day by day. This is all the more worrying when you consider the ease with which this malware can infect your entire system, sometimes simply by means of an e-mail attachment (yes, that simple).

You're probably asking yourself a lot of questions: how does ransomware work, how can you protect yourself against it, and how can you remove the virus if you've fallen victim to it?

We give you all the solutions to ransomware, with a selection of software and sound advice on how to be cyber-resilient in the face of ransomware.

Know your enemy: how ransomware works

How does ransomware spread? The first step in a ransomware attack is to set up a trap on the victim's computer or mobile device.

Ransomware can do this in a number of ways:

  • downloading an attachment from an e-mail (phishing) or a copy of a website,
  • visiting an infected site,
  • software updates, etc.

Once this first hurdle has been cleared, it must then pass a second hurdle: an antivirus , if there is one, of course.

If it gets through, all that's left is to use one of 4 stratagems to block the user and get him to pay a ransom:

  1. File encryption: the malware blocks all access to your files and documents. This is the best-known procedure.

  2. Scareware: the hacker stimulates fear in the user, who receives a message telling him that his computer is infected, even though there is no proof of this.

  3. Screenlockers: ransomware blocks the computer screen, making it unusable. These attacks are known as screenlockers.

  4. Doxxing: the hacker steals your personal information and blackmails you with a ransom demand. This type of attack is also known as doxware.

💡 Good to know: once a machine has been infected, other computers on the company network may also be blocked.

Infected by ransomware: what to do?

5 things to do in the next few minutes

You see a screen asking you to pay a ransom. How should you react?

ANSSI - the French national agency for information systems security - recommends that you follow this advice:

  • Don't pay, as you'll be encouraging hackers to do so;
  • Don't turn off your computer; put it into deep sleep if you can;
  • To prevent the virus from spreading to all your devices, immediately unplug all your devices (computers, hard drives, etc.) and disconnect them from the network;
  • Contact your IT manager as a matter of urgency, so that he or she can disinfect the affected computer with a bootable security CD, for example, and restore the data using the backup procedure described above;
  • File a complaint.

How do I remove ransomware?

Here are several solutions for removing the nasty ransomware:

  1. Remove BtcKING with SpyHunter: the correction algorithm in the latest version of the SpyHunter 5 solution detects viruses, quarantines them and blocks malware before it can be launched.

  2. Download free anti-ransomware from Avast: although its basic version is free, it's best to upgrade to a paid version to benefit from effective anti-ransomware.

  3. Free anti-ransomware for MAC from Malwarebytes: more and more businesses are equipped with MAC computers, so it's essential to protect them with anti-ransomware.

  4. Using Windows Safe Mode: virus removal using Windows Safe Mode is a removal technique for expert users only, and is only effective for removing certain malware.

6 software solutions to protect your business from ransomware

There's nothing like professional software to protect against ransomware, rather than trying a solution that's more akin to haphazard DIY than real protection against ransomware, as well as all existing threats. Demonstrations.

Altospam: the champion of all-round protection

Altospam is a formidable SaaS software solution for effectively combating all types of attack and spam. The solution protects corporate email addresses through a combination of 16 anti-spam, 6 anti-virus and 4 anti-ransomware technologies.

Altospam also protects company servers: Altospam's servers act as intermediaries, blocking all attacks and allowing only legitimate e-mails to pass through.

This anti-spam, anti-virus and anti-phishing solution filters e-mails, blocking harmful attachmentssuch as those containing ransomware.

Your servers are also protected from DDoS attacks (denial of service) or hackers wishing to use one of your servers as a pirate relay to send mass e-mails and encrypt other companies' data.

BeBackup: an innovative, secure backup solution

BeBackup meets the needs of corporate IT departments.

In terms of security, data is encrypted at source by the backup agent using an encryption key. What's more, BeBackup uses an innovative DeltaBloc versioning system that enables you to keep a history of modifications from 30 days to 5 years, depending on your needs. This feature reduces backup times and storage space consumption by up to 80%, while guaranteeing maximum ransomware-proof security.

You also have the choice of hosting your data: on 3 or 4 BeBackup servers located in France, or on another type of hosting, such as your own servers.

Last but not least, BeBackup's technical experts are on hand to help you deploy your projects on a day-to-day basis, to guarantee the integrity of your data, all at a competitive price.

MailInBlack: anti-virus and anti-spam solution

MailInBlack checks the identity of the sender before delivering or blocking an e-mail.
If the sender is unknown, a verification email is sent to him/her to authenticate him/herself as a real human and not a dangerous robot.

This precautionary principle is based on the principle of authentication: only senders who have shown their credentials are included on the white list. All others are blacklisted.

MailInBlack offers simultaneous protection on several levels: the solution filters email addresses, scans each message to detect and block viruses such as ransomware, applies a strict RBL anti-spam filter, and also protects mail servers in the manner of Altospam.

What's more, each user can manually manage pending emails in his or her personal space: they can ban an email address by blacklisting it, authorize a specific sender, etc.

Nuabee: implementing a cyber-attack-proof DRP

In a context increasingly marked by ransomware attacks, it is more necessary than ever to organize one's cyber resilience through the implementation of preventive measures, and the reinforcement of one's ability to bounce back in the event of a disaster. UCover by Nuabee does just that.

UCover by Nuabee is 100% managed by specialized teams who monitor backups and perform DRP tests without you having to worry about it. What's more, UCover uses the full synthetic backup method, encrypts data and stores it in highly certified French datacenters.

In the event of a cyber-attack, thanks to our database modeling of your infrastructure and the creation of a technological breakthrough, your disaster recovery plan will not be encrypted by the attack, and your servers will be automatically restarted within a few hours, allowing you to continue your business.

Specops Password Policy: strengthen your password policy in AD

Specops Password Policy is software designed to reinforce the password policy of companies operating in an Active Directory environment.

It enables you to adopt a preventive posture towards ransomware attacks, supporting compliance with ANSSI recommendations. Indeed, strong passwords become solid bulwarks against hacker intrusions.

In concrete terms, Specops Password Policy lets you easily deploy your password policy, including fine-grained policies to adapt rules to user profiles. You can also target any GPO level (group, user, computer).

But above all, this tool goes further than what is offered natively by AD. For example, block the use of expressions contained in a dictionary or in a list of leaked passwords. It is also possible to configure password expiry according to length.

At the same time, CIOs benefit from features to better administer the deployed policy and monitor password usage and robustness.

Vade Secure: artificial intelligence protects your e-mails

The purpose of this email analysis software - IT security - is clearly stated: to block all spam, viruses and malware such as ransomware, as well as phishing and spear phishing attacks (attacks targeted at a specific person or company).

Vade Secure analyzes every incoming e-mail: the sender's address, the content, but also the context, thanks to integrated artificial intelligence, to separate malicious e-mails from legitimate messages.

The solution features bulletproof antivirus and antispam protection: attack messages containing viruses or ransomware are kept out, as is spam.

Artificial intelligence applies predictive rules and analyzes billions of pieces of data every day to improve and face new threats in the best possible defensive conditions.

The right reflexes to protect against ransomware

The best protection against ransomware starts with raising your employees' awareness.

Beware of unknown senders

Is this the 1st time an e-mail address has sent you a message? Check the address: if it's a business address that you can easily find in a directory or on the company's professional website, it's a good sign, but if it's not, beware!

Pay attention to the quality of the message

Even if the e-mail address is professional, there are certain signs that may alert you to the possibility of e-mail piracy. Spelling mistakes, a message asking for money or personal data such as a login or password.

Don't open unchecked attachments

This is the preferred ransomware attack! At the very least, check that your antivirus software is active and up-to-date. If your computer shows any unusual signs of slowing down, ask for it to be fully scanned.

Think before you click on a link on a web page

Hover your mouse cursor over the clickable link or banner without clicking and observe the URL that appears: it should correspond to the official brand site or company name used in the text.

💡 Good to know: an entity such as your bank or an administrative department will never ask you for your login and password, nor for money on a publicly accessible web page, nor by email.

Back up your data every day

It's a good idea to outsource your data back-up. In the event of a frontal attack on your servers, you'll be able to recover your backed-up data on an external server and resume business using unaltered versions of your backed-up files.

Update your software regularly

As we saw earlier, hackers take advantage of security loopholes. Your office tools and all your software must be updated regularly to benefit from the latest security patches.

Set your e-mail settings

Block the automatic execution of ActiveX, plug-ins and downloads by default, and prevent messages from being automatically previewed. Even more secure: use one of the anti-ransomware programs listed above. These programs use dedicated servers to block messages containing viruses, and only forward legitimate messages to you.

Article translated from French