- Ransomware is software designed to compromise a computer's data or make the system unusable. It has data-kidnapping capabilities.
- It is a kind of security threat that compels the user to pay a ransom in order to operate the system or work with the data again.
- The latest ransomware families, categorized as crypto-ransomware, encrypt certain files to block access to them completely or to hide them from the screen.
- Ransomware forces users to pay money online to obtain the key they need to use the system again and carry on with their work.
DO YOU KNOW HOW YOUR PC GETS INFECTED AND FILES GET ENCRYPTED?
- Users may get infected when they unknowingly download ransomware from:
- 1. Compromised websites
- 2. Spam emails
- 3. Other malware
Now the question arises,
HOW DOES DATA KIDNAPPING THROUGH RANSOMWARE TAKE PLACE?
1.1 First, the ransomware arrives on the user's computer system after being downloaded.
1.2 Then it locks the system screen, finds certain files and encrypts them.
Now you may be curious: HOW DO FILES GET ENCRYPTED?
2.1 Once inside a system, crypto-ransomware connects to randomly generated domains to download a public key.
2.2 It searches for important productivity files such as .doc, .xls and .pdf.
2.3 It generates a key for each file and then encrypts the file.
2.4 The crypto-ransomware then writes the encrypted key at the beginning of each file.
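A defender-side check that follows from steps 2.2 and 2.4, as an added example that is not part of the original article: because the encrypted key is written at the beginning of each file, a .doc, .xls or .pdf file no longer starts with its normal signature. The function names and sample files are constructed for illustration, and .doc/.xls files are assumed to be in the legacy Office binary format.

```python
import os
import tempfile

# Expected leading bytes ("magic numbers") for the file types named in step 2.2.
OLE2 = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc / .xls container
MAGIC = {".doc": OLE2, ".xls": OLE2, ".pdf": b"%PDF-"}

def header_ok(path):
    """True/False if the file starts with the signature its extension implies;
    None if the extension is not one we track."""
    ext = os.path.splitext(path)[1].lower()
    expected = MAGIC.get(ext)
    if expected is None:
        return None
    with open(path, "rb") as fh:
        return fh.read(len(expected)) == expected

def scan(root):
    """Walk root and return sorted relative paths of tracked files
    whose first bytes no longer match their type."""
    suspicious = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                if header_ok(full) is False:
                    suspicious.append(os.path.relpath(full, root))
            except OSError:
                continue  # unreadable file: skip it, keep scanning
    return sorted(suspicious)

def build_sample_tree(root):
    """Constructed sample data: two intact files, one whose header has been
    displaced by foreign bytes, and one file of an untracked type."""
    samples = {
        "report.pdf": b"%PDF-1.4\n% constructed sample\n",
        "budget.xls": OLE2 + b"\x00" * 32,
        "letter.doc": b"\x5a" * 16 + OLE2,  # foreign bytes at the start
        "notes.txt": b"plain text",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(scan(tmp))
```

A mismatch is a triage signal rather than proof of encryption: a mislabelled file (for example RTF saved as .doc) is flagged as well.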
3. Attackers display the ransom note –
3.1 Attackers blackmail the victim by displaying the ransom note on the system screen, demanding payment for access to his/her own infected system.
3.2 The victim receives the ransom note and instructions on how to pay through bitcoin.
3.3 The victim purchases bitcoin and transfers it to the attacker's bitcoin address.
3.4 The victim sends the transfer ID to the attacker as proof of payment.
3.5 Once the transaction is done, the attacker will send the decryption instructions to the victim, but there is no guarantee that the victim will regain access to his/her infected system.
HENCE, "BEWARE OF RANSOMWARE"!!
HOW CAN YOU PROTECT YOURSELF?
One can avoid falling victim to this type of threat with the following practices:
1. Update your security software – Use reputable antivirus software and a firewall so that you are protected from recent ransomware variants.
2. Back up often – Use the 3-2-1 rule: create three backup copies on two different media, with one backup in a separate location.
3. Bookmark websites – This will prevent you from typing in the wrong address.
4. Verify email sources.
5. Activate your popup blocker.
6. Exercise caution.
7. Disconnect from the internet.
8. Alert the authorities.
RANSOMWARE : NEWSBITS
- “Ransomware spreads outside Russia” – March 2012
- “German hospitals hit with ransomware” – February 26, 2016. Computer systems at two hospitals in Germany were infected with ransomware. The cleanup process is expected to take several weeks. At Lukas Hospital in Neuss, the attack affected an X-ray system, an email server and other network components. The attack was detected after it affected one server. There are reports that a third hospital was targeted as well.
- “Ransomware exploits Flash flaws” – June 29, 2015. Ransomware known as CryptoWall is being used in attacks that exploit a flaw in Adobe Flash Player for which Adobe issued a patch just last week.
- “Apple Macs hit by ransomware for first time” – March 7, 2016
- “Hollywood hospitals held to ransom by hackers” – February 15, 2016
RANSOMWARE : A SECURITY THREAT
Ransomware is no longer just scareware.
A ransomware variant seen in Russia zipped files and left password-protected zip files on the victim's system.
An SMS ransomware emerged, asking victims to pay up by dialing an SMS number.
CryptoLocker, a new type of ransomware, surfaced. It has the ability to encrypt files in addition to locking systems.
An article by: Meetalinanda