Beware The Many Forms of Ransomware

Ransomware has proven to be a major problem for both large and small companies. It can attack your data in various ways and completely shut down your business activities.

In many cases it can cost thousands or millions of dollars to restore access to, and use of, the hijacked information.

According to the Chainalysis 2021 Crypto Crime Report, the total amount paid by ransomware victims increased by 311% in 2020 to about $350 million worth of cryptocurrency (the most popular form of payment), and the problem will continue to grow.

Overall, the best defense against a ransomware attack is a good offense. Understanding the different forms of ransomware can help prepare a company for an intrusion. Here are some tips to help you deal with any type of cyber crime.

First, for those unfamiliar with ransomware, it is malware that silently encrypts a user's data on their computer. It may infiltrate your system and deny access to key information, disrupting or shutting down all business activities.

Once the intruder has stolen and encrypted the data, a message may appear demanding payment of a certain amount of money to restore access to the information. The victim has only a certain amount of time to pay the cyber criminal. Exceeding the time limit may increase the ransom.

Certain types of ransomware can search for other computers on the same network to infect. Others infect their hosts with more malware, which can steal login credentials. This is especially dangerous for sensitive information, such as banking and financial account passwords.

The two main types of ransomware are called crypto ransomware and locker ransomware. Crypto ransomware encrypts various files on the computer so that the user cannot access them. Locker ransomware does not encrypt files. Rather, it “locks” the victim out of their device, preventing them from using it. Once access is denied, it asks the victim to pay to unlock their device.

The last few years have seen many well-known cyber attacks, including ransomware. They include …

“WannaCry” in 2017. It spread to 150 countries, including the United Kingdom. It was designed to exploit a Windows vulnerability. By May of that year, it had infected more than 100,000 computers.

The WannaCry attack affected trusts in many UK hospitals, costing the NHS around £92 million. Users were locked out, and a ransom was demanded in the form of Bitcoin. The attack exposed the problematic use of outdated systems. Cyber attacks have caused nearly $4 billion in financial losses worldwide.

Ryuk is a ransomware attack that spread in mid-2018. It disables the Windows System Restore option on PCs. Without a backup, it was impossible to recover encrypted files. It also encrypts network drives. Many of the targeted organizations were in the United States. The demanded ransom has been paid, and the estimated loss is $640,000.

KeRanger is thought to be the first ransomware attack to successfully infect Mac computers running the OS X platform. It was placed in an installer of an open source BitTorrent client known as Transmission. When users downloaded the infected installer, their device was infected with the ransomware. The malware remains inactive for three days and then encrypts about 300 different types of files. It then downloads a file containing the ransom note, which demands a bitcoin and provides instructions on how to pay the ransom. After the ransom is paid, the victims’ files are decrypted.

As ransomware becomes increasingly complex, the methods used to spread it become more sophisticated. Examples include:

Pay-per-install. This targets devices that have already been compromised and can be easily infected by ransomware.

Drive-by download. This ransomware is installed when a victim unknowingly visits a compromised website.

Links in email or social media messages. This method is the most common. Harmful links are sent in emails or online messages for victims to click.

Cybersecurity experts agree that if you are the victim of a ransomware attack, you should not pay the ransom. Cybercriminals can encrypt your data even after payment and demand more money later.

Instead, back up all data to an external drive or cloud so that it can be easily restored. If your data is not backed up, contact your Internet security company to see if they offer a decryption tool in such situations.

Managed service providers can perform a risk analysis at no cost and determine a company’s security risk.

Understanding the vulnerabilities for a potential intrusion and preparing in advance to overcome them is the best way to stop a cyber thief from wreaking havoc on your company.
