Beware of Ransomware!

Shredding Some Light On Ransomware

What Does Ransomware Do?

Ransomware attacks are not new, as 2017 showed; they were affecting many systems well before that. In simple terms, ransomware is malware that infects your system and encrypts all your personal files. Once a system is infected, the malware demands a ransom, and if it is not paid, all the files are lost. Microsoft released a critical patch, MS17-010, in March 2017 to address the vulnerability, but many organizations failed to act on it. Under most security standards, a critical-category patch should be installed on all systems in less than 15 days; that was not done on time, and so the ransomware succeeded in creating chaos all over the globe.
 
This year’s biggest attack took place on Friday, May 12, 2017, around 11 AM ET/3 PM GMT, which means Microsoft had released the patch well ahead of the attack, and still it succeeded.
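
The patch timeline above can be checked against a host inventory as a patch-window audit. This is an added example, not part of the original article: the host names and install dates are constructed, and the exact release day (March 14, 2017) is an assumption, since the article says only "March 2017".

```python
from datetime import date

# Window and outbreak date come from the article; the exact day in March is
# an assumption (the article says only "March 2017").
PATCH_RELEASED = date(2017, 3, 14)
ATTACK_DATE = date(2017, 5, 12)
SLA_DAYS = 15  # critical patches must be installed in fewer than 15 days

# Constructed inventory (hypothetical hosts): install date, or None if never patched.
INVENTORY = {
    "hr-laptop-01": date(2017, 3, 20),
    "file-server-02": date(2017, 4, 25),
    "kiosk-03": None,
    "db-server-04": date(2017, 5, 15),
}

def audit_host(installed, released=PATCH_RELEASED, attack=ATTACK_DATE, sla=SLA_DAYS):
    """Return (status, days_unpatched_before_attack) for one host."""
    if installed is not None and installed < released:
        raise ValueError("install date precedes patch release")
    # A host still unpatched on the day of the outbreak counts as exposed.
    exposed = installed is None or installed >= attack
    # The unpatched window runs from release to install, capped at the outbreak.
    end = attack if exposed else installed
    days_unpatched = (end - released).days
    if exposed:
        status = "EXPOSED_AT_OUTBREAK"
    elif days_unpatched < sla:
        status = "WITHIN_SLA"
    else:
        status = "LATE_BUT_PATCHED"
    return status, days_unpatched

def audit(inventory):
    """Audit every host and list the worst exposure first."""
    rows = [(host, *audit_host(d)) for host, d in inventory.items()]
    order = {"EXPOSED_AT_OUTBREAK": 0, "LATE_BUT_PATCHED": 1, "WITHIN_SLA": 2}
    return sorted(rows, key=lambda r: (order[r[1]], -r[2], r[0]))

if __name__ == "__main__":
    for host, status, days in audit(INVENTORY):
        print(f"{host:16} {status:20} unpatched {days:3d} days")
```

A host patched after the 15-day window but before May 12 shows up as late yet unaffected, which separates an SLA miss from actual exposure during the outbreak.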
 

A Quick History of Ransomware

This may be hard to digest, but the first ransomware in history appeared in 1989 (28 years ago). It was called the AIDS Trojan, and its modus operandi seems crude today. It spread through floppy disks and demanded that $189 be sent to a mailbox in Panama as ransom. (Now don’t think about the leaked Panama files. They have nothing to do with ransomware. At least that’s what I think.)
 
This is what a system looks like when it is infected with ransomware.
 
Scary, isn’t it?
 

Two types of Ransomware

  1. Encryptors, which use advanced encryption algorithms. They are designed to lock system files and require payment to provide the victim with the key that can decrypt the blocked content. Examples include CryptoLocker, Locky, CryptoWall, and more.
  2. Lockers, which lock the victim out of the operating system, making it impossible to access the desktop or any application or file. The files are not encrypted in this case, but the attackers still demand a ransom to unlock the infected computer. Examples include police-themed ransomware and WinLocker.

Ransomware Has Some Key Characteristics That Make It Different

  • Features unbreakable encryption, which means that you can’t decrypt the files on your own
  • Can scramble your file names, so you can’t know which data was affected
  • Has the ability to encrypt all kinds of files, from documents to pictures, videos, audio files and other things you may have on your PC
  • Uses a complex set of evasion techniques to go undetected by traditional antivirus 
  • Capable of geographical targeting, meaning the ransom note is translated into the victim’s language, to increase the chances for the ransom to be paid.

Now a Few Steps To Be Safe

  1. Back up your data.
  2. Just say no to suspicious emails and links.
  3. Always install updates (on time).
  4. Got an infection? Disconnect.
  5. Close those unused ports.

Losses Incurred Due To Ransomware

In 2015, ransomware cost companies about $350 million in damages, according to Microsoft.
 
According to other audits, ransomware is growing at a rate of 350% per year. Source: http://cybersecurityventures.com/ransomware-damage-report-2017-5-billion/
 
Authored By - Prateek Babbar
TCS Cyber Security Practice
 