Steve Mutchler


Cybersecurity for home users

I'm retired IT...and I support several hundred  home users....they are all retired....many in their 80's....Most have very little computer knowledge and just do very basic stuff....
I have set them up using Windows Security....talked to them about strong passwords...don't repeat them etc...
All the usual security stuff....

This outbreak of Ransomware has me concerned.....I've fought it 2 times over about a 5 year period....First time I had no idea what I was dealing with and we wound up paying the ransom fee....he got about 90% of his files back....2nd time user lost everything...I had to rebuild from scratch...fortunately he had a recent backup of QB....

Normally Ransomware attacks known large users....hospitals...police departments...and recently gas lines....
From what I've been reading...it seems more and more home users....low level consumers....are getting hit
with Ransomware also...

So I am preparing a newsletter to send out to my customers....gonna talk about Ransomware and how to
protect themselves.....

I am looking for tips...tools...techniques I can present to them and am open to any and all suggestions....

Also...should I be recommending anything other than Windows Security....Bitdefender etc....I don't know of any software that can PREVENT a ransomware attack....although many advertise they can...if there is any with any effectiveness at all...please comment....

Many thanks in advance...
Steve


serialband

Install adblockers and Privacy Badger on all their browsers.  Then teach them not to click on links in their email.

Teach them to create a separate email, not based on their own name for doing banking and never use that email account for anything else, so that no spam ever gets to it.  If banking spam comes to their regular email, they'll know it's spam.  Even then, don't click on links in the banking email account.  Just go to the website.

Turn off all images in email.

Back up the data and never pay ransoms.  People paying ransoms are the reason ransomware keeps proliferating.  They're making enough money for it to be worthwhile to them.

btan

Some points for consideration:

Towards Adopting Technical Measures ......

Implement Application Control - Consider installing application control software that provides application and/or directory whitelisting. Whitelisting allows only approved programs to run, and can prevent unknown programs, such as malware, from running.

Limit Privileged Access to Authorised Personnel - User accounts with administrative privileges have the rights to execute a wide range of actions on the system, including installing software or accessing sensitive data. Consider the following:
  • Control and limit privileged access to only authorised individuals who require full access to carry out their work.
  • Give users, other than the administrator, the lowest user privileges necessary for work.
  • Review and manage the use of all user accounts and disable inactive accounts when they are no longer in use.
  • Implement multi-factor authentication for such administrative privileges.

Enable Microsoft Office macros only when required - One possible delivery mechanism of ransomware comes in the form of malicious Microsoft Office documents that trick victims into enabling macros in order to view its contents. Allow macros to be enabled only when required.

Review Settings on Exposed Services and Open Ports - Some ransomware variants may take advantage of exposed services and open ports such as the RDP port 3389 and SMB port 445 to spread across the network. Organisations should review if there is a need to leave these ports exposed and restrict connections to only trusted hosts.

Towards Raising User Awareness and Cyber Hygiene ......

Back up your computer. Perform frequent backups of your system and other important files, and verify your backups regularly. If your computer becomes infected with ransomware, you can restore your system to its previous state using your backups.  

Store your backups separately. Best practice is to store your backups on a separate device that cannot be accessed from a network, such as on an external hard drive. Once the backup is completed, make sure to disconnect the external hard drive, or separate device from the network or computer.  

Update and patch your computer. Ensure your applications and operating systems (OSs) have been updated with the latest patches. Vulnerable applications and OSs are the target of most ransomware attacks.

Use caution with links and when entering website addresses. Be careful when clicking directly on links in emails, even if the sender appears to be someone you know. Attempt to independently verify website addresses (e.g., contact your helpdesk, search the internet for the sender organization’s website or the topic mentioned in the email). Pay attention to the website addresses you click on, as well as those you enter yourself. Malicious website addresses often appear almost identical to legitimate sites.

Open email attachments with caution. Be wary of opening email attachments, even from senders you think you know, particularly when attachments are compressed files or ZIP files.

Keep your personal information safe. Check a website’s security to ensure the information you submit is encrypted before you provide it.  

Verify email senders. If you are unsure whether or not an email is legitimate, try to verify the email’s legitimacy by contacting the sender directly. Do not click on any links in the email. If possible, use a previous (legitimate) email to ensure the contact information you have for the sender is authentic before you contact them.

Inform yourself. Keep yourself informed about recent cybersecurity threats and up to date on ransomware techniques. You can find information about known phishing attacks on the Anti-Phishing Working Group website.

Use and maintain preventative software programs. Install antivirus software, firewalls, and email filters—and keep them updated—to reduce malicious network traffic.

Much depends on the extent.

Split user account, have two: common and install, admin account.

Set up group policy software restriction, deny running exe's, msi's within user profile.

Backup to cloud that can guard against ransomware.

5GB free account idrive,
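
One way to act on the "verify your backups regularly" advice in the answers above (an added example, not written by any poster in this thread): record a SHA-256 manifest when the backup is made, then check the external drive or cloud copy against it later. The function names are hypothetical and the folder and file names are constructed sample data.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(source_root):
    """Map each file's path (relative to source_root) to its SHA-256."""
    root = Path(source_root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify_backup(manifest, backup_root):
    """Compare the backup on disk with the manifest taken at backup time."""
    root = Path(backup_root)
    report = {"ok": [], "missing": [], "changed": []}
    for rel, expected in manifest.items():
        copy = root / rel
        status = ("missing" if not copy.is_file()
                  else "ok" if sha256_file(copy) == expected else "changed")
        report[status].append(rel)
    return report


def demo():  # constructed sample data: one backup copy damaged, one lost
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "Documents"), Path(tmp, "ExternalDrive")
        (src / "taxes").mkdir(parents=True)
        (src / "letter.txt").write_text("Dear Bob")
        (src / "photo.jpg").write_bytes(b"\xff\xd8 constructed bytes")
        (src / "taxes" / "books.qbw").write_bytes(b"constructed ledger")
        manifest = build_manifest(src)      # taken when the backup is made
        shutil.copytree(src, dst)           # stands in for the backup job
        (dst / "photo.jpg").write_bytes(b"scrambled")   # simulate damage
        (dst / "letter.txt").unlink()                   # simulate a lost file
        return verify_backup(manifest, dst)


if __name__ == "__main__":
    print(demo())
```

Keep the manifest somewhere other than the PC being backed up, so that whatever damages the files cannot also rewrite the record they are checked against.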
ASKER CERTIFIED SOLUTION
Mike Taylor

Steve Mutchler (ASKER)

Everyone....many thanks....some very good ideas....going thru them...trying to figure out what will
work with my clients....
The answer key is to educate your student to perform frequent data backups and always maintain local backups. In addition, inform your students on current events and how not to fall victim to cyber-attacks. Finally, they should seek guidance from IT experts in case of any cyber threat.

Mostly I used Mike T info...But all of you had contributed something that I incorporated into my
newsletter....not finished yet.....but getting there...

Many thanks to all...