What is Ransomware?
Ransomware is a type of malicious software, or malware. It prevents users from accessing their system or personal files and demands a ransom payment to regain access. It spreads through emails or when a user unknowingly visits an infected website.
It can affect an individual or an organization. In 2017 alone, ransomware was responsible for a $5 billion loss, both in ransoms paid and in the spending and time lost in recovering from attacks.
Different Types of Ransomware
Scareware
Scareware includes rogue security software and tech support scams. Users may receive pop-up notifications claiming that malware has been detected on their system and the only way to get rid of it is to pay up.
Screen lockers
Screen lockers, or lockers, are a type of ransomware. When one gets into the victim’s computer, the victim is completely locked out of the computer. Upon starting up the computer, a full-size window appears, carrying what looks like an official government seal and saying that illegal activity has been detected on your computer and you must pay a fine.
Encrypting ransomware
In encrypting ransomware, the attacker gains access to the user’s system, encrypts the user’s data and asks for a payment to unlock the files. The encryption method is described in more detail in a blog post by Infosec Institute.
The biggest cyber attack detected in the last decade was a ransomware attack known as the WannaCry ransomware attack.
How does it work?
There are a number of ways ransomware can gain access to a computer:
- One of the most common ways is to send phishing spam attachments to the victim’s email, made to look as though the sender of the email is trusted.
- When the file is downloaded and opened, the attacker can take control of the victim’s computer, particularly if the malware has built-in social engineering tools that trick users into allowing administrative access.
- Once it has taken over the victim’s computer, the most common action is to encrypt some of the victim’s files, so that at the end of the process the files can’t be decrypted without a mathematical key known only to the attacker.
Precautions
The following are precautions you can take:
- Systems should be kept up to date with the latest updates, as outdated software and operating systems are the targets of most attacks.
- Never click on links or open attachments in unsolicited emails.
- Backup data on a regular basis. Keep it on a separate device and store it offline.
- Follow safe practices when browsing the Internet.
- Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email to prevent email spoofing.
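As an illustration of the last precaution, the following added example (not part of the original article) shows how a mail filter can act on inbound email authentication results. It assumes the receiving gateway stamps an RFC 8601 Authentication-Results header under the hypothetical name mx.example.org; the sample messages and the quarantine policy are constructed for the example.

```python
import email
import re
from email import policy

# Assumption: the receiving gateway stamps an RFC 8601 Authentication-Results
# header using this authserv-id (hypothetical name).
TRUSTED_AUTHSERV = "mx.example.org"
RESULT_RE = re.compile(r"\b(spf|dkim|dmarc)=(\w+)")

# Constructed sample messages, not real mail.
SAMPLES = {
    "legit": (
        "Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=example.com;\n"
        " dkim=pass header.d=example.com; dmarc=pass header.from=example.com\n"
        "From: Billing <billing@example.com>\nSubject: Invoice\n\nSee attached.\n"
    ),
    "spoofed": (
        "Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=example.net;\n"
        " dkim=none; dmarc=fail header.from=example.com\n"
        "From: Billing <billing@example.com>\nSubject: Invoice\n\nSee attached.\n"
    ),
    # Sender-supplied header claiming success; our gateway added none.
    "forged_header": (
        "Authentication-Results: mail.example.net; spf=pass; dkim=pass; dmarc=pass\n"
        "From: Billing <billing@example.com>\nSubject: Invoice\n\nSee attached.\n"
    ),
}

def auth_verdict(raw: str) -> dict:
    """Collect SPF/DKIM/DMARC results stamped by the trusted gateway only."""
    msg = email.message_from_string(raw, policy=policy.default)
    results = {"spf": "none", "dkim": "none", "dmarc": "none"}
    for header in msg.get_all("Authentication-Results", []):
        authserv_id, _, rest = str(header).partition(";")
        if authserv_id.strip().lower().split(" ")[0] != TRUSTED_AUTHSERV:
            continue  # a header from any other host may be sender-supplied
        for method, result in RESULT_RE.findall(rest.lower()):
            results[method] = result
    return results

def should_quarantine(raw: str) -> bool:
    """Assumed local policy: hold anything without a trusted dmarc=pass."""
    return auth_verdict(raw)["dmarc"] != "pass"

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, auth_verdict(raw), "quarantine" if should_quarantine(raw) else "deliver")
```

Only headers carrying the gateway's own identifier are trusted, because a sender can put any Authentication-Results header it likes into a message.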