What is Ransomware?
Imagine logging onto your laptop one fine morning, checking mails and clicking on a few links and being confronted with this dialog:
This is an example of “ransomware”which unsuspectingly will lock the contents of your computer and keep it out of your own reach. You will be given access to your files only after a ransom is paid! Ransomware is a type of malware that is attacking computers worldwide. TrendMicro, USA defines ransomware as “a type of malware that prevents or limits users from accessing their system, either by locking the system’s screen or by locking the users’ files unless a ransom is paid”.
How does it work?
Ransomware malware starts its nefarious activity as soon as an innocent user clicks on a malicious link or downloads an equally malicious attachment. Once the malware has downloaded, it encrypts the contents of the intended recipients files(or locks the screen) and only once a ransom is paid, the files are promised to be decrypted(which may or may not happen) The payment is expected to be done only in the form of bitcoins or any other type of virtual currency which cannot be easily tracked. CryptoLocker, CryptoWall, CTB-Locker, Locky, TeslaCrypt,TorrenLocker are some of the different types of ransomware.
Targets of ransomware:
Personal home users, small businesses, large organizations are all equally targeted by rogue ransomware malware. The more oblivious you are to the security conundrum the more vulnerable you are to these types of attacks. Let us see how these type of users will fall victim to ransomware attacks:
- In today’s digitized world, a personal home user might store pictures, home files on his home computer and if he he/she is attacked by ranmsomware, they are more prone to pay the required amount making a good deal for the hacker.
- Small businesses and large businesses hold key business data and other financial data that might be crucial for both the business and their clients. If the entire disk in encrypted and out of bounds for its employees, it is possible that some businesses might pay the ransom and try to get back to their own normal business routines.
Examples of recent Ransomware attacks:
These are some of the recent ransomware attacks:
- The recent discovery of a ransomware in the Google Playstore as stated by neurogadget.com on Jan 28,2017. This ransomware will lock the device and release private information of the user if the ransom amount is not paid.(http://neurogadget.net/2017/01/28/take-extra-precaution-ransomware-creeps-google-play-store/54183)
- In another incident, the University of Calgary was forced to pay $20,000(CDN) as ransom for retrieving emails that were encrypted for a week.(http://fortune.com/2016/06/08/university-ransomware)
- Hollywood Presbyterian Medical Center also paid around 40 bitcoins in exchange for getting the decryption keys and unlocking their systems. (http://fortune.com/2016/02/18/hollywood-hospital-hackers-computer-system)
How do we protect against these attacks:
- Security awareness is always the key to any business. Instructing employees to not click on any malicious links or not opening unknown attachments is one way to protect against ransomware.
- Taking a backup of hard disk regularly is another important way of securing against these attacks.
- Security experts also agree that it is advisable not to give into the demands of ransomware threats. Once their demands are met, the malware creators are emboldened to create more malicious content and attack the unwitting business and home users more.
In today’s digitized world, it is but obvious that we will be subjected to different types of security attacks each day. The key is to stay updated and stay on top of the hacker’s intents no matter what your profession may be.