
Everything About Ransomware | A Quick Guide

This article covers ransomware: what it is, how attacks work, the types, some famous examples, whether to pay the ransom, and how to prevent attacks.

Content

  1. What is Ransomware?
  2. How do Ransomware attacks work?
  3. Types of Ransomware
  4. Some Famous Ransomware
  5. Should you pay the ransom?
  6. How do you prevent ransomware attacks?

What is Ransomware?

SamSam Ransomware lock screen

Ransomware is a type of malware that locks the victim's data, typically with encryption, and demands a ransom (money) to decrypt it. The main motive of these attacks is money, and unlike other malware attacks, the victim is notified that they have been compromised. Victims are given steps and instructions on how to recover the data. Usually, the payment is demanded in a virtual currency such as bitcoin.

Ransomware spreads through malicious email attachments and through infected software and applications, such as pirated software. It also spreads from malicious external storage devices such as pen drives and hard disks. Some attacks don't even require user interaction to compromise the data.

How do Ransomware attacks work?

Petya Ransomware lock screen

Ransomware kits are easily available on the dark web. Cybercriminals can purchase or rent a kit and carry out attacks, so someone with little or no technical background can also perform this attack just by buying a kit. However, most cybercriminals create their own malware or modify existing ransomware.

One of the common methods of delivering ransomware is phishing email. A malicious attachment is added to the email, and the message is crafted so that the victim trusts the sender and clicks on the attachment. Once the victim downloads the malware, their computer and data are compromised.

There are more aggressive ways to spread malware, such as physically through a USB drive, through browser plugins, through chat messages, etc.

Once the malware is in the system, it encrypts the victim's data, adding extensions to the files and making them inaccessible. The encrypted files can only be decrypted using a key known only to the attacker. The ransomware then usually displays a message explaining the further steps: how to pay the ransom, where to pay, and what will happen if the victim doesn't. The attackers commonly demand the ransom in bitcoin or another cryptocurrency.
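The behaviour described above (many files gaining the same new extension while their content turns into random-looking bytes) is something defenders can look for. The following is an added example, not code from the original article: a small Python heuristic that combines both signals. The function names, thresholds, file names and the ".locked" extension are assumptions made for illustration, and the sample events are constructed.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for encrypted data, much lower for text."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def appended_extension(old: str, new: str):
    """Return the suffix if `new` is `old` plus one extra extension, else None."""
    suffix = new[len(old):]
    if new.startswith(old) and len(suffix) > 1 and suffix[0] == "." and "." not in suffix[1:]:
        return suffix
    return None

def flag_mass_encryption(events, min_files=3, entropy_floor=7.0):
    """events: iterable of (old_name, new_name, leading bytes of the new content).
    Returns {extension: [original names]} for every extension appended to at
    least `min_files` files whose content now looks random. Requiring both
    signals avoids flagging a single compressed file that was merely renamed."""
    hits = {}
    for old, new, head in events:
        ext = appended_extension(old, new)
        if ext and shannon_entropy(head) >= entropy_floor:
            hits.setdefault(ext, []).append(old)
    return {ext: files for ext, files in hits.items() if len(files) >= min_files}

def fake_ciphertext(seed: bytes, size: int = 4096) -> bytes:
    """Constructed stand-in for encrypted content (chained SHA-256 output)."""
    out = b""
    while len(out) < size:
        seed = hashlib.sha256(seed).digest()
        out += seed
    return out[:size]

# Constructed sample events; file names and the ".locked" extension are made up.
SAMPLE_EVENTS = [
    ("report.docx", "report.docx.locked", fake_ciphertext(b"a")),
    ("budget.xlsx", "budget.xlsx.locked", fake_ciphertext(b"b")),
    ("photo.png", "photo.png.locked", fake_ciphertext(b"c")),
    ("notes.txt", "notes.txt.old", b"meeting notes, plain text\n" * 100),
    ("archive.zip", "archive.zip.bak", fake_ciphertext(b"d")),
]

if __name__ == "__main__":
    print(flag_mass_encryption(SAMPLE_EVENTS))
```

In practice the events would come from file-system auditing or an endpoint agent, and the thresholds would need tuning against normal backup and archiving jobs.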

Types of Ransomware

Ransomware is malware used to extort digital currency from victims. An attacker can do this in several different ways.

1. Scareware

Scareware is just low-level malware. The victim may receive pop-up notifications saying malware has been discovered. Not responding to them does nothing except bring up more notifications on the screen.

2. Screen Lockers

These are also known as lockers. This type of malware is designed to lock the victim out of their computer completely. When the victim starts the computer, they see a message with instructions on how to pay in electronic currency to unlock their own machine.

3. Encrypting Ransomware

This is the classic and most widely used type of ransomware, otherwise known as a data kidnapping attack. The malware encrypts the victim's data, and the victim has to pay to have it decrypted.

4. Doxware

With this malware, the attacker threatens to publish the victim's data online if the victim does not pay.

5. Mobile Ransomware

This malware affects mobile devices. An attacker uses mobile ransomware to lock the device or its data and asks for a ransom to unlock it.

Some Famous Ransomware

1. Ryuk

Ryuk lock screen

2. SamSam

SamSam Lock screen

3. WannaCry

WannaCry Lock screen

4. Petya

Petya

5. TeslaCrypt

TeslaCrypt lock screen

6. CryptoLocker

CryptoLocker screen

7. Locky

Locky Ransomware lock screen

Some of the ransomware in this list is old, but these are among the most famous and destructive. Some are still in use in modified versions.

Should you pay the ransom?

Most law enforcement agencies recommend not paying the ransom, because paying only encourages attackers to carry out more attacks like this. However, when an organization faces the possibility of no recovery, or weeks of recovery, the thought of lost profit may come to mind, and it begins to compare the price of the ransom with the price of the encrypted data.

Paying the ransom is not recommended for a number of reasons:

  1. Dealing with Criminals – There is no guarantee that the attacker will really give your data back or decrypt it after the ransom is paid. According to Kaspersky, in 2016 20% of organizations paid the ransom and still did not get their files back.
  2. Potential Scareware – The ransom message may be used just to scare, without the attacker having accessed the organization's data.
  3. Possibility of Repeated Ransom Demands – Cybercriminals will know that the organization has a history of paying the ransom, and this may raise the chances of another attack.

You should always consider all the paths available before paying up the ransom.

How do you prevent Ransomware attacks?

  1. Back up data regularly.
  2. Update all software, including the antivirus.
  3. Train employees to avoid clicking links in emails from strangers.
  4. Avoid paying the ransom.
  5. Don't plug unknown USB drives into a computer.
  6. Monitor the network for any suspicious activity.

Ransomware attacks are impossible to stop, so organizations must take all precautions to protect their data from them, such as enforcing hard limits on who can access data.

That’s it for this article. For more posts like this, please go to our blog page.
