ransomware
05Jul

Understanding Ransomware

ransomwareUnderstanding Ransomware

What You Need to Know About the Malware that Hits Your Data, and Then Your Wallet

Cyber criminals have no shortage of tools at their disposal in their attempts to abuse and take advantage of those they set their sights on. Recently, however, it seems that more and more of them select ransomware as their weapon of choice. Knowing what ransomware is, and how to avoid falling victim to it, is critical to a business’s survival. Fortunately, this particular malware has a few distinct characteristics that make it relatively simple to identify and describe.

 

Why does it seem like ransomware is popular among online actors with ill intent?

Ransomware is pretty much summed up by its name–simply put, it’s malware that allows hackers to demand a ransom. This classification of malware follows a simple, but devious, method of attack: the program will encrypt files on the host system and demand that the user pay to regain access to their files, typically asking to be paid in some form of cryptocurrency, like Bitcoin. To add a sense of urgency to this demand, the extortionist will include a time limit within their demands, threatening to either delete the files or double the amount demanded if the stated deadline passes.

Due to the typically high ransoms that are associated with ransomware, there are some targets that tend to be assaulted more than others. After all, a cyber criminal’s motivation for utilizing ransomware is financial, and so they will be more apt to attack targets with more capital and higher liquidity. This means that businesses are much more likely to be targeted than a private user, although the latter is not unheard of.

How is ransomware spread?

A favorite tactic is the use of email phishing, or sending out deceptive emails that aim to fool the recipient into allowing the malware onto their system. These emails can appear to be from a variety of senders, using more disguises than the average Mission Impossible film… from government organizations to industry peers or job applicants… and can often be very convincing. The malware is sent along as an attachment that activates once it is opened, bypassing many of the system’s defenses through the user’s permission.

This tendency for malware to spread via phishing provides two more reasons that businesses are so frequently designated as targets: camouflage and points of access.

Business users usually get lots of emails. Clients…coworkers… suppliers… marketers… and so many other assorted contacts fill an employee’s inbox. All these emails give the employee plenty to do along with the rest of their work, so eventually this will lead to the employee managing their email on autopilot. So… for example…after a member of Human Resources has been working for a while, a folder containing job application materials may not be an out-of-the-ordinary thing for them to receive. If the corrupted email looks legitimate, then what would cause an employee to think twice or worry? These assumptions (the ones that lead to short-sighted clicking) are precisely what cyber criminals rely on to infiltrate their victim’s systems.

The other contributing factor to a business is related to these assumptions as well: a high volume of points of access. As they grow, businesses will usually need to take on more employees to support their operations. An unfortunate side effect of this, however, is that as a company grows in potential value to a cyber criminal, it also increases the number of potential access points (ie the number of employees to fool) for a cyber criminal to take advantage of.

Ransomware Titles You Should Know

CryptoLocker
cryptolocker

Zepto
zepto

Cerber3
cerber3

FairWare
fairware

Petya
petya

Wildfile
wildfire

Planning for an attack!

You may not always see the warning signs, until it is too late… but if we can give you one piece of advice to minimize the horror… and that is back up everything and back it up often! Having a second copy of everything that could be held to ransom, is like taking away the highwayman’s pistol.

If you see any of the pictures above, and need help… or need help with setting up protective back up systems, Serenity Solutions can come to your rescue. At Serenity Solutions, our dedicated technicians can help and/ or show you how to altogether avoid the unfortunate situations brought on by ransomware. If you have questions about ransomware, malware of any kind, or if you simply would like tips on how to best protect your data and infrastructure from ransomware, call us today at 778-771-0184.

Matthew

ABOUT THE AUTHOR

Matthew
Matthew is fanatical about technology. One of his biggest passions is working with other business owners to help them get value from their systems and networks.