Subscribe to our weekly newsletter Cyber Times and join our 10000+ strong Cyber Resilient Community
RANSOMWARE ATTACK AND ITS PREVENTION
“Before the 2019 Sodinokibi ransomware attack, one of
the most infamous Ransomware in history: WannaCry ransomware infected
thousands of Windows OS run computers, infiltrating the global corporate network in 2017.
The victims had to pay a ransom in Bitcoin to retrieve their data”
Talk To A Security Expert
What Is Ransomware?
Ransomware is a malicious software that when incorporated
into an operating system automatically locks the user out of the device and asks
for a subsequent ransom for the device to function again. Such software generally
infects the whole system and restricts access to it.
Cybercriminals usually demand a certain sum of money or
ransom from the victims, within an allotted time-frame. If the demand is not fulfilled
then the user may end up losing a large amount of valuable data. What is worse, paying
the ransom does not guarantee that the operating system will be restored either.
Ransomware is that malware encrypts valuable information such as your documents,
financial information, personal photos, and videos and restricts access to all of
them. This is hence extremely problematic for the user and causes a state of panic.
Types Of Ransomware
This is a form of a ransomware attack that encrypts the user’s valuable files and
folders and all relevant information such as important files, folders, and documents.
This particular type of ransomware is known to infect a user’s operating system and completely
block access to it. Often android-based, this type of attack can permanently lock user access unless a ransom is paid.
This type of malicious application or software impersonates antivirus and cleaning tools.
Scareware makes false claims like pretending to have found problems on the user’s operating
system and demands money to fix those problems.
Ransomware as a service (RaaS) is a malicious enterprise where a vendor offers services
to hackers and cybercriminals. He is responsible to carry out all activities including
installation of the malware, encrypting the documents, and then decrypting them when
the ransom has been paid by the victim.
Doxware is also known as Leakware or Extortionware. It is a type of ransomware attack
where the hacker via the malicious software threatens to post the user’s stolen information
on online platforms and blackmails him till he agrees to pay the ransom money.
A Brief History Of Ransomware
AIDS researcher Joseph Popp launched the first ransomware Attack in the
history of Ransomware by distributing 20,000 floppy disks to his fellow researchers
in the 1980s. These disks contained a harmful malware that encrypted their files
and demanded ransom for decryption.
In 2004, the GpCode ransomware attack carried out an RSA encryption on the files
of users and demanded subsequent ransom. This was followed by the 2007 WinLock ransomware
attack which locked users out of their operating systems and displayed pornographic images
on their desktop.
In 2012, the Reveton ransomware attack took the world by a storm when hackers impersonated,
law enforcement agencies such as the FBI and asked users to pay the ransom via prepaid card,
accusing them of heinous crimes.
After the infamous WannaCry ransomware attack in 2017, the most recent incident of a Ransomware
attack was recorded in 2019, known as the Sodinokibi ransomware attack. Hackers impersonated service providers such as dental offices and MSP to trick users.
Did you know that in 2016, Mac operating systems were infected by their first-ever ransomware: KeRanger.
It infiltrated the systems via a malicious application called “Transmission” that encrypted all the confidential files of the users.
How to tackle a Ransomware Attack
Always use antivirus software or firewall to make sure your devices and operating systems are well-protected against such cyber attacks
Always update your security software to enable the latest features and unlock fresh features on it
Always keep your operating system and other software updated to the latest version to protect your system from
the upcoming variations of ransomware
Don’t click on links on email attachments or suspicious websites, which when hovered over do not show the URLs of the desired page
Always keep a backup of your important data and files on an external hard-disk to reduce the risk of losing them
Using cloud services may help you retrieve lost information and data as cloud services retain old documents
It is always advisable to avoid paying the ransom since there is no guarantee that hackers will decrypt your device
even after the ransom is paid
Why Avail A Security Attack Awareness and Training Program??
Employees in a company are usually unaware of cyber attacks and security-related issues.
They are uninformed of the latest trends and social engineering techniques used by cyber attackers,
and hence they easily fall prey to impending cyber threats. Without spreading awareness among employees
adequately, an organization can’t protect their assets and financial information from hackers. Consulting
with security analysts and experts to avail of a well-rounded social engineering attack awareness training
program can help educate employees regarding social engineering attacks and their preventive measures.
The program includes 3 comprehensive steps for complete cybersecurity awareness and training:
To perpetrate the first round of dummy phishing attack on employees
Knowledge imparting session
Imparting details knowledge on phishing attack and prevention via video advisories, presentations, and lectures.
Evaluation and Assessment
Regular cumulative assessments are conducted to ensure that the employees are making improvements while handling phishing attacks.