Page 78 - Cyber Warnings
P. 78
Download with caution
Free software or media downloads from the web may often arrive with a ransomware gift. Quite
a few freeware bundles at the moment are bundling ransomware. Whenever downloading
software, it is critical to use websites that are credible, and websites you have confidence in.
Renaming VSSAdmin
Windows systems use Shadow Volume Copies to auto store earlier versions of your files.
These file versions or backups may later be used to recover materials that
were modified or wiped out.
A lot of ransomware Trojans run the VSSAdmin command to be able to erase all shadow copies
on a machine to make sure that they could not be used to recover encrypted data. Here is an
article that will help you to rename VSSAdmin.
Turn off VBS (Windows Script Host)
A lot of ransomware viruses get installed by the use of script files written in VBS or JScript. If
you are not frequently working with VBS or JScript files, it is much better to turn off this
functionality in Windows, instructions are here.
Disable PowerShell
The Windows PowerShell can also be used to install ransomware and even encrypt files. In
case you are not working with PowerShell on your machine, it is better to stop the execution of
PowerShell scripts with the help of this command: powershell Set-ExecutionPolicy -
ExecutionPolicy Restricted. Use the Windows Elevated Command Prompt.
No more weak passwords
You need to create only strong passwords to secure your system from unwanted
consequences.
Your accounts should not be a low hanging fruit, use long and complicated passwords like
gU&*2D&^572tsc6g6.
Keep in mind that some ransom viruses get installed when hackers log in into your Remote
Desktop that is not protected with a strong password.
78 Cyber Warnings E-Magazine February 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
