Ransomware attacks are on the rise. Ransomware is the new hot threat everyone is talking about. So, what is Ransomware ? Ransomware is a sophisticated piece of malware that severely restricts access to a computer, device or file until a ransom is paid by the user. It is an exploit in which the attacker encrypts the victim’s data and demands payment for the decryption key. The cyber security community agrees that this is the most prominent and worrisome cyber threat of the moment. The most common ransomware are CryptoLocker, CryptoWall, TeslaCrypt, Crowti, FakeBsod, Reveton and Tescrpt, while Petya is one of the worst. However, the most widespread type of ransomware is crypto-ransomware or encrypting ransomware.
Ransomware spreads through e-mail attachments, infected programs, instant messages or websites. A ransomware malware program may also be called a cryptovirus, cryptotrojan or cryptoworm.
Types of ransomware in circulation:
Scareware ransomware – It is the simplest type of ransomware. It uses scare tactics or intimidation to trick victims into paying up. It can come in the form of fake antivirus software in which a message suddenly pops up claiming your computer has various issues and an online payment is necessary to fix them!
Encrypting ransomware – It incorporates advanced encryption algorithms. It blocks computer system files and demand payment for the decryption key that can decrypt the blocked content. Example CrytpoWall, CryptoLocker, Locky, etc.
Locker ransomware – It locks the victim out of the operating system, making it impossible to access the desktop and any apps or files. The files are not encrypted in this case, but the attackers still ask for a ransom to unlock the infected computer. Example police-themed ransomware or Winlocker.
MBR ransomware – The Master Boot Record is the section of a PC’s hard drive which enables the operating system to boot up. When this ransomware strikes, the boot process can’t complete normally, and prompts a ransom note to be displayed on the screen. Examples Satana and Petya ransomware.
The level of this type of attack varies. Sometimes, users may be bombarded with endless alerts and pop-up messages. Other times, the computer will fail to work at all. Yet, another type of ransomware can impersonate a law enforcement agency by opening up a page that appears to be from a local law enforcement office and claiming the computer user was caught performing illegal activities online. Files are then locked in hard-to-crack, encrypted files, making it difficult for users to recover unless the ransom is paid.
Protect against ransomware:
Protect your computer system before falling victim to ransomware. It’s is always best to take preventative measures before these issues take root and grow into big problems. Some of the following things you should do to prevent the loss of important data from ransomware attack.
1) Create regular backups of all your important files. Don’t rely on cloud backups, it can also be affected from ransomware. Infected files could be synced with those on your hard drive and could overwrite unencrypted files with the newer encrypted ones. The best way is to have several backups including copies on hard drives or any other media which is disconnected to your computer and the internet. Ransomware will teach us to make backups.
2) Keep your internet security software updated like antivirus, antispyware and make sure these softwares are well strong to protect against all types of malware, including ransomware. Keep your firewall always on. Bootable antiviruses are anti-malware applications that can be installed and run on an external storage like a flash drive or a CD.
3) Be ever more alert with spam email or an email attachments you open and links you click on. Ransomware usually relies on human and software vulnerabilities. Even if an email or attachment is from a person you know, or a service provider you use, double-check that it is genuine. Avoid questionable websites and be alert when opening any suspicious email messages.
Many times, when you are hit with ransomware it is impossible to get your files back because the payment processing may fail or the encryption keys may not work. The ransomware trend will only continue if those infected, continue to pay the ransom. We cannot encourage this behaviour, so we suggest these ransoms should not be paid.