“Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid,” according to one common description. It is one of the most chilling variants of malware floating around the Internet: an attack that holds a user’s files hostage behind an encrypted paywall. Universities, hospitals and even governments have fallen victim to these kinds of attacks, paying significant amounts of money in ransom to cyber criminals in hopes of recovering precious data.
The history of ransomware dates back to 1989, when a piece of ransomware named AIDS Trojan reached users through floppy disks and asked its targets to deposit $189 as ransom. Over time, ransomware has evolved into a high-tech scam and emerged as a money-minting machine for cyber criminals.
Ransomware criminals target home users, businesses and even public institutions. They take advantage of users' lack of cyber security knowledge; such users often don’t take backups of their data. Businesses are also easy targets for these attacks because their complex computer systems are prone to vulnerabilities. Institutions often lack appropriate cyber defences to protect their data, which is confidential and can be sold by the cyber criminals.
Ransomware criminals use various methods for stealing data. They learn from their missteps and keep improving their methods. They use spam email campaigns that contain malicious links or attachments, legitimate websites that have malicious code injected into their web pages, SMS messages and crypto-ransomware attacks, and persistent social engineering. These attacks are getting more lethal by the day as the criminals keep improving the malicious code to make it stronger, more intrusive and better at evading cyber security measures. Ransomware targets the data stored on hard drives and in cloud accounts (Google Drive, Dropbox) synced to the PC. It can also affect the data on other computers connected to the local network. The attacks are very quick and leave the victims staring at the ransom note in disbelief.
These criminals use highly evolved evasion tactics to avoid detection by antivirus programs. Cybersecurity researchers hardly pick them up, and they are rarely discovered by law enforcement agencies. Many dangerous ransomware families have extorted millions of dollars from their victims so far. Some of them are CryptXXX, Troldesh and Chimera. Besides these established families, new malicious ones have been appearing at a frightening rate.
We need to take the threat of ransomware very seriously and get our data secured before we fall victim to these criminals. Understanding how ransomware works is the first step in prevention. Some basic steps to prevent ransomware attacks are as follows:
- Don’t only use your local computer for storing your data
- Have at least a couple of backups of all of your critical data, preferably using two different mediums such as a hard drive and the cloud
- Avoid auto-sync options for cloud storage
- Keep the security software on your machines updated
- Try to avoid using administrator accounts for daily usage
- Avoid using macros and keep them turned off
- Avoid installing plugins in the browsers
- Always keep your browsers updated and remove expired add-ons
- Use ad blockers
- Never open spam emails or download attachments from suspicious emails
- Never click on links in suspicious emails
- Always use reliable antivirus programs and keep them updated
In the unfortunate event of falling prey to ransomware, reach out to cybersecurity professionals who can guide you to a good list of ransomware decryption tools which may help you to retrieve your data. But the best way of avoiding ransomware is to follow the basic steps listed above. Authorities and IT companies are also fighting back to curb this menace and are helping users to retrieve their data without paying the criminals.