Ransomeware : Hackers want you to pay ransom for your data

Ransomeware : Hackers want you to pay ransom for your data

177
0
SHARE
Ransomeware
Ransomeware (source: anti-malware.gridinsoft.com)
This article was first posted here on this site last year. It is now reposted because of the recent wannacry ransomeware attacking windows devices

Ransomware is on the rise both in sophistication and frequency. There are more and more recorded cases of attacks. So what is this thing?

Ransomware – a term coined by combining the words, “ransom” and “software” – is a computer virus(software) that prevents users access to their systems until a requested amount(ransom) is paid.

History of ransomware.

The 1989 AIDS Trojan (also known as PC Cyborg), written by Joseph Popp is the first known ransomware. It forces users to pay license renewal fee to PC Cyborg Corporation (This involve sending 189 US$ to a post office box in Panama).

In year 2005 through 2013, the ransomware become more sophisticated. A ransomware worm imitating the Windows Product Activation notice appears. Mac OS X-specific ransomware worm also arrives on the scene. CryptoLocker a type of ransomware rakes in around $5 million in the last four months of the year.

Year 2015 births multiple variants of ransomware running on multiple platforms capable of causing major damages.

How Does it Work?

Most ransomware attacks happen via email attachment which could be an executable file(.exe), an archive file or an image. Once you open the attachment, it’s malicious content is deployed on your system.

Other times, the malware is planted in hacked websites such that an unsuspecting visit to such websites gets the malware deployed to your system.

CTB-Lock-Screen
CTB Lock screen

The deployed malware operations in the background encrypting all of user’s data. When this is completed, a dialog as above is displayed to the user informing them of this and demands for a ransom for data to be decrypted. Other attacks show a dialogue box of pornographic images on the user’s screen continuously and  requesting for ransom to be paid for the dialogue to be removed. Just imagine having such a dialogue displayed on your screen at work. This video by Kaspersky Lab throughs more light on this.

Cybercriminals often ask for nomimal pay of $10 or a bit more, figuring you would rather pay that than have your data encrypted or an embarrassing pornographic dialogue displayed on your system.

The general advice is not to pay the ransom. By sending your money to cybercriminals you’ll only confirm that ransomware works,
and there’s no guarantee you’ll get the decryption key you need in return.

How do you protect yourself (As advised by norton security)?

  1. Use Antivirus software and firewall. Always have your firewall turn on and also keep your security software  and antivirus up to date. Both are critical for the safety of your system.
  2. Back up often. Backing up your data either through an external disc or online back system diminishes the impact of the attack.
  3. Enable your popup blocker. Always click on the X button(close button) on popups as attackers make use of them very frequently for attacks.
  4. Exercise caution. Be very cautious about sites you visit and links you click, especially links in an email. The hackers are smart and can use any means to reach you. Hover on a link to see where it takes you and be certain to know where that is before clicking on it.
  5. Disconnect from the Internet. Experts advise disconnecting from the internet as soon as you receive a ransomware note so as to mitigate having your data transferred to the hackers.
  6. Alert authorities. Ransomware is a serious form of extortion. Always alert the law enforcements around you in case of any attack.

Taking precautions to protect your information and maintaining vigilance are the best solutions to avoid becoming a victim in the first place.

Sources:

http://us.norton.com/yoursecurityresource/detail.jsp?aid=rise_in_ransomware.  https://www.nomoreransom.org/ransomware-qa.html.  https://en.wikipedia.org/wiki/AIDS_(Trojan_horse).   https://www.fbi.gov/file-repository/ransomware-prevention-and-response-for-cisos.pdf/view.

LEAVE A REPLY