In a public service announcement made in 2019, the Federal Bureau of Investigation (FBI) issued a warning against a high-impact cyberattack that could target U.S. businesses and organizations. That attack was ransomware.
While some Americans dismissed the warning as old news, recent events proved that the threat actors behind these attacks aren't done wreaking havoc on computers and systems. Just two months after the FBI notice was issued, the city of New Orleans suffered a serious cyberattack, which prompted Mayor LaToya Cantrell to declare a state of emergency.
On Dec. 23, 2019, another attack was recorded at Maastricht University in the Netherlands. This time, the ransomware succeeded in encrypting not just Windows' security software, but almost all Windows systems.
The Clop Ransomware Evolution
When that FBI warning was issued last year, the Clop malware was deemed just another variant of the CryptoMix ransomware family. According to experts, however, the latest version of the ransomware can now terminate a total of 663 Windows processes before file encryption even begins.
But that was what the investigative agency's warning was initially about. The FBI wanted to warn the public about cybercriminals' alarming efforts to "upgrade and change their techniques to make their attacks more effective and to prevent detection."
In a November post, Bleeping Computer writer Lawrence Abrams reported that the Clop CryptoMix Ransomware is now attempting not just to disable Windows Defender but also to remove the Microsoft Security Essentials and Malwarebytes' Anti-Ransomware programs.
Aside from Windows Defender, among the systems and processes terminated by the ransomware are Acrobat, Calculator, Edge, OneDrive, PowerPoint, SecureCRT, Skype, Snagit, Word, and the Your Phone app. The full list of terminated systems can be seen in GitHub researcher Vitali Kremez's report.
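Terminating hundreds of processes in quick succession before encryption starts is a signal defenders can watch for. The following is an added example, not code from the FBI notice, Bleeping Computer or Kremez's report: it scans process-termination events and flags any host where many different processes end within a short window. The log line format, host names, process names and thresholds are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: "ISO timestamp,host,terminated process image".
# The line format and every value below are invented for this example.
SAMPLE_EVENTS = """\
2020-01-15T09:00:05,ws-01,notepad.exe
2020-01-15T09:10:00,ws-01,updater.exe
2020-01-15T09:10:01,ws-01,updater.exe
2020-01-15T09:30:00,ws-02,proc_a.exe
2020-01-15T09:30:01,ws-02,proc_b.exe
2020-01-15T09:30:02,ws-02,proc_c.exe
2020-01-15T09:30:03,ws-02,proc_d.exe
2020-01-15T09:30:04,ws-02,proc_e.exe
2020-01-15T09:30:05,ws-02,proc_f.exe
2020-01-15T09:45:00,ws-02,proc_a.exe
"""

def parse_events(text):
    """Yield (timestamp, host, image) tuples from the assumed line format."""
    for line in text.strip().splitlines():
        ts, host, image = (field.strip() for field in line.split(","))
        yield datetime.fromisoformat(ts), host, image.lower()

def find_termination_bursts(events, window_seconds=60, min_distinct=5):
    """Return one record per burst in which at least min_distinct different
    processes ended on the same host within window_seconds."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # host -> events inside the sliding window
    open_burst = {}               # host -> burst currently being extended
    bursts = []
    for ts, host, image in sorted(events):
        q = recent[host]
        q.append((ts, image))
        while ts - q[0][0] > window:      # drop events older than the window
            q.popleft()
        distinct = {img for _, img in q}  # repeated exits of one image count once
        if len(distinct) >= min_distinct:
            if host not in open_burst:
                open_burst[host] = {"host": host, "start": q[0][0], "images": set()}
                bursts.append(open_burst[host])
            open_burst[host]["end"] = ts
            open_burst[host]["images"] |= distinct
        else:
            open_burst.pop(host, None)    # activity calmed down, close the burst
    return bursts

if __name__ == "__main__":
    print(find_termination_bursts(parse_events(SAMPLE_EVENTS)))
```

Counting distinct process images rather than raw events keeps a single crashing or restarting program from triggering the alert; the window and threshold need tuning against normal activity such as logoff or shutdown.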
How to Protect Your Windows 10 From Ransomware
Windows 10 has always been at the top of the target lists of threat actors. Remember when the advanced persistent threat group Thallium operated an extensive criminal network to steal data? Or when cybercriminals tried to bypass Windows 10 security by deploying ransomware called Snatch?
Given these facts, it should go without saying that you must be proactive in protecting your files and data from potential Windows 10 malware. Here are some good practices to live by.
- Always download the latest security updates. Make it a habit to check for new updates.
- Back up your data. Whether we're talking about individuals or organizations, it's best practice to back up your files not just in cloud storage but also in another offsite location.
- Limit the access to your file folders. This doesn't prevent cybercriminals from accessing your data, but you can at least make their job harder for them.
- Never open unknown links in your browser. Threat actors take advantage of browser vulnerabilities to install ransomware.
- Be cyber-aware. There's no harm in educating yourself on cybersecurity tips and tricks.
As with any situation, remember that it's always better to be safe than sorry. Following these steps will help keep your data safe from Clop ransomware and other cyberattacks.