Guarding against Ransomware – for free

Posted on Updated on by David LeonardCategories:Blog, Security and Privacy

Would you like some protection against Ransomware without feeling as if you are paying a king’s ransom for peace of mind?

In the wake of the WannaCry ransomware attack a few weeks ago, I started a hunt to find some method of guarding against a future attack without having to pay for another layer of antivirus/antimalware protection.

Malwarebytes Premium price
Malwarebytes Premium is priced per machine per annum
You might well ask why your current antivirus protection doesn’t cover against ransomware. Well, maybe it does – but only ransomware that it has seen before. The WannaCry attack was what is known as a “zero day attack“: unknown to antivirus/antimalware protection and, therefore, unrecognised by it. “So”, you think, “what we need is protection that recognises something it’s not seen before”. Well, Malwarebytes (amongst others) does now claim to protect against new types of ransomware – but only if you invest in their “premium” version. This comes in at a slightly eye-watering £29.99 PER PC PER YEAR. Maybe that’s a small price when you consider the potential cost of losing all of your data files, but it’s quite a lot if your opinion is that the chances of being attacked are low. In a world where we get used to buying apps for our iPhones for about £0.69, this looks a bit expensive – especially as it’s an annual subscription and not a one-off purchase.. and you need a separate subscription for each PC that you have.

Cybereason logoSo, I cast my net a bit wider. Knowing that I would want to write a blog post about it, and assuming that my clients are like me in not wanting to feel as if they’re paying a ransom to protect themselves from ransomware, I decided that I was only interested in trying free products. I found just one – called RansomFree ,from an organisation called Cybereason.

RansomFree logoI installed this on my “main” laptop on 26th May and made a mental note to keep my eyes open for any adverse effects. There haven’t been any. It’s true that my Dell XPS 15 laptop is fairly new and has a good specification, so any adverse effect on performance would, indeed, be a bad sign. I’ve run antivirus scans (back to using Windows Defender at the moment because Avira drove me bonkers with its popups) and I’ve run antimalware scans (using Malwarebytes Free), and RansomFree does not seem to have upset these either.

So, now I feel reasonably confident in recommending RansomFree if you are bothered by the thought of ransomware but don’t want to fork out good money for protection against it (which, let’s face it, may or may not work against a threat whose exact nature and profile is hitherto unknown).

There are some interesting features of RansomFree:

  • It doesn’t aim to identify the threat by recognising a file or file type or code within the file that’s characteristic of the threat it’s looking for. Instead it keeps an eye on actual behaviour in your system. To this end, it sets traps by creating typical-looking files and watches to see if anything attempts to mess with any of those files. If anything happens to any of them, it immediately stops the process involved, alerts you and sets in motion the steps to eliminate the threat. I must say that I was a bit caught out when I spotted some odd looking folders on my system with some oddly named files (see the example below). It’s a bit untidy having “unreal” files and folders on the system, but that’s probably a price worth paying.
  • The next interesting feature follows from the first in that, because RansomFree is looking for BEHAVIOUR, and not looking for specific nasty programs, it doesn’t need to be updated with knowledge of the latest threats (unlike antivirus and antimalware protection). It needs no maintenance from the user. Just install it and forget it.
  • Finally, RansomFree only needs to be installed on one machine in a local network. It then looks after the rest of the network. It should be noted, though, that RansomFree only works on Windows machines.

Ransomfree Bait Folder
One of the “bogus” folders RansomFree has put on my c: drive
I don’t know how good RansomFree is going to prove to be at doing its job (and hope I never find out!). What I do know is that I’m happy to have expended the initial time and energy in finding the program as I can now pass it on to you and that, after all, is my job. After reading this post, you can now install it just by clicking this link – and following the instructions.

If it makes you feel slightly less insecure then that, after all, is one of the benefits of any insurance policy – and the premiums are pretty low!

David Leonard