The blackmail software that doesn't make it into the headlines: Private individuals are a popular target of ransomware - and 10 tips on how to protect yourself.
It doesn't get the media attention that its glamorous “big” brothers get, but it's still quite agile: The ransomware strain of 71, with a share of 2021 percent to date, is not a ransom threat worth millions to a large company, but a File-encrypting virus called DJVU or STOP Ransomware with more than 290 variants. His goal: private individuals and micro-entrepreneurs.
The amount also brings money
Less known and less reported about attacks by cyber criminals on private individuals or small business owners. Still, it is a fact that private IT is also becoming a target for ransomware and other cyber threats. Particularly at risk among private users are those who like to spend time playing PC or online games: many DJVU / STOP attacks take place via pirated games that are downloaded from online cracking forums. Therefore, risk awareness and preventive measures in the private environment and in families are just as important as for companies. A recent study by Sophos Home in the US shows that 91 percent of households are concerned about online security threats. However, only 49 percent of those questioned were able to correctly assess what, for example, ransomware actually is.
Popular and dangerous: cracked software versions
The DJVU/STOP ransomware and many other consumer-oriented malware, including so-called "information thieves", also spread disguised as cracked versions of popular software applications, among other things. For example, gamers looking for “free” versions of games or game modifications (mods) can be particularly vulnerable to such methods. But dealing with the danger seems lax. For example, the Sophos Home study found that only half (50%) of parents have parental controls installed on the devices their children use, and only 46 percent regularly scan household devices for malware. However, this would be one of the necessary measures that in this case would protect, for example, young people from installing pirated software, which is actually malware in disguise.
Here is a list of ten cybersecurity measures for home users and small businesses
- Set strong, unique passwords for every family member, account, and device - and your home Wi-Fi network should be secured too.
- A security solution should be installed on all devices.
- Keep all software updated. If you can, set your devices to update automatically so you don't have to remember them.
- Secure the connected devices of young people with appropriate parental controls and content filters and discuss the online risks and possible protection with the young people.
- Install only legitimate software applications from official online stores such as the App Store and the Google Play Store.
- If an incoming email, SMS, or IM message seems suspicious for any reason (the language, the request, etc.), don't open the attachment or click a link.
- Never change the security settings on your computer or smartphone when asked to do so by someone you do not know.
- Activate 2FA (two-factor authentication, also known as two-step verification) for all online services if possible.
- Back up your data regularly, including at home. Keep at least one backup copy offline (e.g. unplugged if it is a USB drive, or logged out if it is a cloud service) so that in the event of an attack, the crooks do not have your backup copy and Can destroy your active data.
- The golden rule when it comes to data protection on the Internet: If in doubt, do not disclose anything.
For more insights from the Sophos Home survey, see the full report online as a PDF file: “The State of Consumer Home Cybersecurity 2021”.
More at Sophos.com
About Sophos More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.