The best defensive strategy is a comprehensive approach... make sure you are running an updated anti-virus and anti-malware product, use supplemental security tools with anti-exploitation features capable of stopping (preventing) infection before it can cause any damage, update all vulnerable software and routinely back up your data. You should rely on behavior detection programs rather than standard anti-virus definition (signature) detection software only. This means using programs that can detect when malware is in the act of modifying/encrypting files rather than just detecting the malicious file itself, which in most cases is not immediately detected by anti-virus software.
For example, Emsisoft Anti-Malware uses advanced behavioral analysis which is extremely difficult to penetrate... it continually monitors the behavior of all active programs looking for any anomalies that may be indicative of malicious activity and raises an alert as soon as something suspicious occurs. EAM also has the ability to detect unknown zero-day attacks without signatures.

Ransomware Prevention Tools:
Note: Return-oriented programming (ROP) is a computer security exploit technique that allows an attacker to execute code in the presence of security defenses such as non-executable memory and code signing. Address Space Layout Randomization (ASLR) is a computer security technique involved in protection from buffer overflow attacks. These security technologies are intended to mitigate (reduce) the effectiveness of exploit attempts. Many advanced exploits rely on ROP and ASLR as attack vectors used to defeat security defenses and execute malicious code on the system. For example, they can be used to bypass DEP (data execution prevention) which is used to stop buffer overflows and memory corruption exploits. Tools with ROP and ASLR protection such as Microsoft's Enhanced Mitigation Experience Toolkit (EMET) use technology that checks each critical function call to determine if it's legitimate (if those features are enabled).
And do not forget this... Backing up your data and disk imaging are among the most important maintenance tasks users should perform on a regular basis, yet it's one of the most neglected areas.
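The behavior-based detection described above (catching a program in the act of modifying/encrypting files instead of matching the malicious file itself) can be illustrated with the following added Python example; it is not from the original text and is not how Emsisoft Anti-Malware or any other named product is implemented. The event format, thresholds, process names and paths are all assumptions constructed for the illustration.

```python
import hashlib
import math
from collections import Counter, defaultdict, deque

HIGH_ENTROPY = 7.2   # bits/byte; assumed threshold for "looks encrypted"
MIN_FILES = 3        # assumed: distinct files rewritten before alerting
WINDOW_SECONDS = 10  # assumed sliding window per process

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def looks_encrypted(before: bytes, after: bytes) -> bool:
    """True when lower-entropy content was replaced by near-random bytes."""
    return entropy(after) >= HIGH_ENTROPY and entropy(before) < HIGH_ENTROPY

def detect(events):
    """Alert on any process that turns MIN_FILES distinct files into high-entropy data within the window."""
    recent = defaultdict(deque)   # pid -> deque of (timestamp, path)
    alerted, alerts = set(), []
    for ts, pid, name, path, before, after in sorted(events, key=lambda e: e[0]):
        if pid in alerted or not looks_encrypted(before, after):
            continue
        window = recent[pid]
        window.append((ts, path))
        while window and ts - window[0][0] > WINDOW_SECONDS:
            window.popleft()          # forget writes older than the window
        paths = {p for _, p in window}
        if len(paths) >= MIN_FILES:
            alerted.add(pid)
            alerts.append((pid, name, sorted(paths)))
    return alerts

def fake_ciphertext(seed: str, size: int = 4096) -> bytes:
    """Deterministic near-random bytes standing in for encrypted output."""
    return b"".join(hashlib.sha256(f"{seed}{i}".encode()).digest() for i in range(size // 32))

# Constructed sample events: (time, pid, process, path, content before, content after)
TEXT = b"Quarterly report: revenue was flat, costs were down.\n" * 80
SAMPLE_EVENTS = [
    (0.0, 410, "editor.exe", "C:/docs/a.txt", TEXT, TEXT + b"edited\n"),
    (1.0, 977, "unknown.exe", "C:/docs/a.txt", TEXT, fake_ciphertext("a")),
    (1.5, 977, "unknown.exe", "C:/docs/b.txt", TEXT, fake_ciphertext("b")),
    (2.0, 612, "zip.exe", "C:/tmp/out.zip", b"", fake_ciphertext("z")),
    (2.5, 977, "unknown.exe", "C:/docs/c.txt", TEXT, fake_ciphertext("c")),
]

print(detect(SAMPLE_EVENTS))
```

No signature of `unknown.exe` is involved: the alert comes only from what the process does to the files, while the ordinary edit and the single compressed archive stay below the threshold.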