Antivirus software is a continually evolving market. It has to be both proactive and reactive to mitigate new and existing threats. Of course, no antivirus can be 100% secure. And threat actors are clever. They are the reason the cybersecurity sector is set to hit $200 billion in 2021.
Let’s take a look at 12 tools you can use to beat ransomware.
Why You Need Protection
A ransomware infection scans through your system, targeting specific file extensions. When the scan is complete, the ransomware encrypts the files, locking the user out until a ransom has been paid, usually in untraceable Bitcoin.
Ransomware was brutal throughout 2016. Security researchers SonicWall reported [PDF] a mind-blowing 638 million ransomware attacks throughout the year, up 167 times from the 3.8 million reported in 2015. Furthermore, SonicWall estimate that $209 million was lost to ransoms in the first quarter of the year alone.
Want another reason to consider protection? Symantec report that the average ransomware demand has increased from $294 in 2015 to $1,077 in 2016. Ransoms are scaled by consumer, with enterprises and big businesses being hit for vastly more than home users.
Had enough? Let’s talk protection.
It should go without saying that you need an antivirus solution. The internet is vast. Vulnerabilities and exploits are frequently exposed. And human error is common. Antivirus solutions recognize the significant threat posed by ransomware — but some do it better than others.
Bitdefender has taken the prize for best virus detection rate for six consecutive years. It also has a very low overall system impact, and comes with a host of extra system security tools.
Bitdefender is robust. Ransomware variants typically seek out a list of specific file extensions, as well as other common file locations. Bitdefender prevents unauthorized access to any protected folders, including Documents, Desktop, Pictures, Music, and Videos, as well as cloud file-syncing services like Dropbox and Google Drive. Users can further define specific folders whose contents should be protected.
Overall, Bitdefender Antivirus Plus 2017 is a great defense product for your system. It usually retails for $59.99 per year, though a multiple year subscription is available at an overall reduced price.
Trend Micro Antivirus+ Security 2017 offers an excellent coverall anti-ransomware package. While Bitdefender focuses on protecting specific folders and preventing access, Trend Micro does a bit of everything: folder modification prevention, behavioral analysis, encryption detection and quarantining, and file backup and restoration. It even offers a ransomware hotline that anyone can call, not just Trend Micro customers.
The overall package is good, but I think Bitdefender’s file and folder prevention is more advanced, and therefore a bit better. Antivirus+ Security 2017 protects the Documents folder and subfolders by default, plus one more folder and its subfolders.
Trend Micro Antivirus+ Security 2017 currently retails for $39.95 per year for a single PC.
Have you balked at the idea of dropping nearly $60 on antivirus? There are numerous fantastic free antivirus solutions available. They don’t have the same integrated anti-ransomware features like Bitdefender, but are vastly better than an unsecured system. I’ll even show you some more applications you can pair your free antivirus up with, too.
If you’re talking free antivirus, you need to be talking Avast. It hits many important antivirus boxes, including active malware scanning, behavior-based detection, malicious URL-blocking, and much more.
An antivirus solution offers protection against the myriad nasties that want access to your computer. However, there are several products that specifically target ransomware, updating their signature and behavior detections frequently enough as to be very useful. Furthermore, they don’t get in the way of traditional antivirus software either, meaning they’re a handy addition to any system.
Cybereason’s RansomFree is a free ransomware protection tool designed to work alongside your existing security solution. It uses heuristic detection to asses any unexpected or unusual behavioral patterns, then eliminates anything deemed malicious.
In addition, RansomFree deploys strategically placed bait files in locations ransomware often begins the encryption process. RansomFree monitors the bait file for unusual interactions, and stops ransomware before it can continue its encryption.
Malwarebytes has long been a trusted name in the security world. They bought-out the popular CryptoMonitor anti-ransomware tool, and re-released it several months later. While it is considered a beta product, Malwarebytes Anti-Ransomware is a fully-fledged behavioral-detection package that has performed well in multiple tests. It is pretty lightweight, too.
You might be thinking, “I have Malwarebytes Anti-Malware and Malwarebytes Anti-Exploit, so why do I need this, too?” Well, the idea is to create a multi-layered defense, where each layer plays a specific role in keeping your computer safe.
HitmanPro is now a Sophos product. HitmanPro is another longstanding security product used throughout the industry. The “Alert” version features several advanced anti-ransomware tools, such as CryptoGuard, process hijacking protection, network lockdown, and memory-exploit protection.
HitmanPro.Alert works best when used in conjunction with another, fully-featured antivirus product. It will set you back $34.95 for a one-year single PC license, or $54.95 for a one-year three PC license.
Back Up Your Data
Want the biggest secret to avoid ransomware pain? Back up all of your data. Do it frequently, and if a ransomware attack makes it through your defense, you simply down-tools, wipe everything, and start again. This, in the secure knowledge that you have everything of importance stored somewhere else.
Before choosing a backup system, consider that some ransomware can encrypt mapped network drives. Particularly nasty infections can even infect unmapped network drives, too. Nevertheless, there are safe options.
Macrium Reflect is a popular paid backup and disk cloning service. The list of features is extensive. Like, really extensive. Have a look for yourself. Macrium allows the creation of full, differential, and incremental backups, both ad hoc, and to your own schedule. Furthermore, it is fast, and comes with a veritable plethora of wizards to help inexperienced users.
Macrium Reflect 7 Home Edition currently retails for $59.99.
Duplicati is a free open source tool that allows you to create and store encrypted backups online. It works with standard protocols like FTP, SSH, and WebDAV, as well as other cloud services like Microsoft OneDrive, Google Drive, Mega, and more.
You can be as thorough or as basic as you like. Select individual files and folders to backup, or schedule a backup at a time suiting you. Duplicati features a web interface that can be configured to run almost anywhere, including your mobile, or on a headless server.
I found Duplicati to be relatively fast, but didn’t test anything larger than a 1 GB file. Accordingly, your backup data rate is limited by your internet upload speed.
Cobian Backup is now on its eleventh iteration. It remains a very popular offline backup tool, with an easy-to-navigate UI. It features file encryption, decryption, an encoder, a translator, and more. The backups can be scheduled using a wide range of filters, as well as specific event triggers.
Be Aware of These Tools
Along with antivirus, ransomware blockers, and online or offline backup tools, there are a few really handy removal tools you should probably be aware of.
This long and ungainly named product does exactly what it says on the tin. In two different scenarios, too. Before the emergence of crypto-ransomware (the type that encrypts your files) came lock-screen ransomware. The latter is still widespread, though easier to negate.
In the first scenario, the tool is installed using a special keyboard sequence after booting into Safe Mode. The screen unlock tool also offers a system scan and clean, followed by a reboot.
In the second scenario, Safe Mode is impossible to access. The screen unlock tool can be loaded onto a USB drive using an uninfected computer. The tool is then loaded during the boot process.
11. Microsoft EMET
The Microsoft Enhanced Mitigation Experience Toolkit provides an extra defense layer for Windows users. It protects against vulnerabilities found in software using a variety of mitigation tactics. It is no guarantee against software being exploited, but does offer an additional layer an exploit author must navigate.
That said, EMET isn’t a magic wand. It is designed to disrupt common exploits. Unfortunately, new exploits are found and used against us all the time. Furthermore, because EMET isn’t an integrated security product, a serious hacker will likely be aware of ways to mitigate this extra security layer.
I’ve included the Kaspersky Anti-Ransomware Tool, but it really focuses more on SMBs than home users. It is free, and works like the other ransomware blockers we looked at earlier. The tool runs in the background of your system, monitoring system behavior and patterns, blocking malicious activity when it arises.
Take the Fight to the Ransomware
Ransomware is really annoying. More than that, it can see the destruction of sentimental and irreplaceable files. Authorities around the world understand the threat posed by ransomware, to home users, businesses, and government organizations alike.
The key to battling ransomware is proactivity. For instance, The No More Ransom Project — run by the Netherlands’ police High Tech Crime Unit, Europol, Kaspersky, and Intel Security — is a central hub filled with ransomware decryptors and practical advice on removing an infection.
Furthermore, both Kaspersky and Avast offer free ransomware decryptors. The No More Ransom Project feature many of the decryptors on offer, but there are some only available through their respective websites.
These are some of the best tools you can use to beat ransomware. However, the number one, top-of-the-line market product is… you.
What is your anti-ransomware software combination? Do you prefer a paid antivirus over a free product? Let us know your anti-ransomware setup below!