What is Ransomware?
Ransomware is a type of malware that, once downloaded, encrypts data or locks a user out of their device until a sum of money is paid. It encrypts a victim’s files. The attacker then demands a ransom from the victim to restore access to the data upon payment. Users are shown instructions for how to pay a fee to get the decryption key. The costs can range from a few hundred dollars to thousands, payable to cybercriminals in bitcoin.
This type of attack takes advantage of human, system, network, and software vulnerabilities to infect the victim’s device which can be a computer, printer, smartphone, wearable, point-of-sale (pos) terminal, or other endpoint.
How ransomware works?
There are a number of vectors ransomware can take to access a computer. One of the most common delivery systems is phishing spam, that looks like genuine messages from reputable sources. The receiver is usually encouraged to click on a link or download a file that contains the malicious software. Attachments that come to the victim in an email, masquerading as a file they should trust. Once they’re downloaded and opened, they can take over the victim’s computer, especially if they have built-in social engineering tools that trick users into allowing administrative access. Some other, more aggressive forms of ransomware, like notpetya, exploit security holes to infect computers without needing to trick users.
The device is infected when the victim clicks a link, visits a web page, or installs a file, application, or program that includes malicious code designed to covertly download and install the ransomware.
Some examples of ransomware malware:
Wannacry, cerber, locky, cryptolocker, ryuk, grand crab, e.t.c.
How to avoid ransomware attack?
- Don’t click the unknown link!
- Build email protections and endpoint protections
- Keep backups of your data
- Protect your personal information
- Network defenses
- Use trusted antivirus ransomware detection software