Ransomware are malicious code designed to block access to a computer system, executes a crypto-virology attack that adversely affects files until a sum of money is remunerated. They act like a hostage kidnapper, makes you pay a ransom cash towards freeing the system back. The average ransom demanded today is about 500$ to 1000$. Most ransomware either restrict the application access of the legitimate user or are of encrypting type. Ransomware hackers demand payment mostly is the form of bitcoins, ensuring anonymity.
Protection against Ransomware? The biggest thing that can overcome ransomware is taking regular frequent backups. Frequent backups help you to restore any documents. Others include deny mails with attachments having .exe file extensions, disable running executable from the app data or local app data folder, disable RDP access to your machine, regularly update system patches. Ransomware is surely an issue today and awareness is a major part of the solution, as we can’t operate in isolation.
There is a list of decryption Tools. Get in touch with firstname.lastname@example.org for the list. These decryption tools work for multiple relatives or families of ransomware. One truth is that we will never have a single solution to all ransomware infections. Building this solution would need a military of cyber security specialists to cryptographically solve all.
Author - Kinshuk De, manages Business Operations at TCS' Enterprise Security Risk Management practice